Hacker's Theft of Over Six Million Individuals' PHI Leads to $2.3 Million HIPAA Settlement | Practical Law
The Department of Health and Human Services (HHS) has announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) with a Tennessee-based business associate (BA) that provides health information management and other services to hospitals and clinics. Under the agreement, the BA must pay $2.3 million to HHS and comply with an extensive two-year corrective action plan (CAP).