Arizona A.G. settled over multi-state HIPAA-related data breach for $900,000

owen-beard-722582-unsplash

 

On May 28, 2019, Attorney General Mark Brnovich announced a settlement with healthcare software providers Medical Informatics Engineering Inc. and NoMoreClipboard, LLC regarding some claims brought against them under the federal Health Insurance Portability and Accountability Act (HIPAA).

By way of background. Defendants were business associates that were providing health records services that enabled patients to access and manage their electronic health records. Defendants were required to comply with HIPAA’s requirements.

In 2015, a data breach occurred and hackers stole protected health information of over 3.9 million individuals. In 2018, plaintiffs, the States of Arizona, Arkansas, Connecticut, Florida, Indiana, Iowa, Kansas, Kentucky, Louisiana, Michigan, Minnesota, Nebraska, North Carolina, Tennessee, West Virginia, and Wisconsin filed a complaint for violation of the HIPAA.

As a result of the settlement, defendants will pay $900,000 to the Plaintiff States and agreed to implement and maintain significant data-security improvements.

 

 

MIE consent judgement and order is available at https://www.azag.gov….              Open PDF

 

Arizona Attorney General press release is available at https://www.azag.gov…

 

 

For more information on how a data breach could impact your business Francesca Giannoni-Crystal and  Federica Romanelli