Skip to main content

Insurer to pay additional $1.5 million for 2009 breach-related violations

posted onMarch 14, 2012
by l33tdawg

A 2009 data breach that has already cost BlueCross BlueShield nearly $17 million has just gotten a little bit more expensive.

In a further settlement unveiled today, the insurer agreed to pay $1.5 million to the US Department of Health and Human Services (HHS) and also review and revise its privacy and security policies in addition to regularly training employees on their responsibility under the HIPAA of 1996.

The notification rules require all entities to notify affected individuals of any breach involving their health information. It also requires them to notify the HHS and the media in cases where the breach affects more than 500 people. 

Today's settlement stems from an October 2009 breach in which an unidentified intruder compromised data that included about 600,000 audio recordings of customer support calls and over 300,000 screenshots showing what call centre staff had on their computer screen when they were handling these calls.



Law and Order Privacy

You May Also Like

Recent News

Thursday, May 17th

Monday, May 14th

Tuesday, May 8th

Saturday, May 5th

Thursday, May 3rd

Wednesday, May 2nd

Tuesday, May 1st

Friday, April 27th