Category: Fines and Penalties

Massachusetts Eye And Ear Associates Inc. To Pay $1.5 Million For Potential Violations Of The HIPAA Security Rule

Posted September 18, 2012 by TeamSHATTER Admin in Data Breach, Database Security, Fines and Penalties, Health Care, HIPAA with 0 comments

Another HIPAA data breach settlement has been reached, this time with the Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates Inc. (MEEI), which will pay $1.5 million to the Department of Health and Human Services (HHS) for potential violations of the HIPAA Security Rule. HHS officials announced Monday that the settlement also requires MEEI to take corrective action to improve policies and procedures to safeguard the privacy and security of its patients’ protected health information.

Alaska DHSS Fined $1.7M Over Data Breach

The Alaska Department of Health and Social Services (DHSS) – the state’s Medicaid agency – has agreed to pay $1.7 million to the U.S. Department of Health and Human Services (HHS) to settle possible violations of the HIPAA Security Rule, making it the second largest settlement for HIPAA violations to date. As part of the settlement, the state has also agreed to take corrective action to properly safeguard the electronic personal health information (PHI) of their Medicaid beneficiaries.

Pain Comes Immediately – Secure Development Takes Time (Team Shatter Exclusive)

I recently came upon a blog post by Adrian Lane of Securosis titled ‘Pain comes instantly – fixes come later’, in which he comments on yet another blog post ‘Pain comes instantly’ by Oracle’s CSO, Mary Ann Davidson. Anything ‘Oracle security’ always gets me curious, so I went ahead and worked my way through both articles. Let’s just say one of them is a rather lengthy read. The core point of Mary Ann Davidson’s post is an objection she has…

RockYou To Pay $250,000 Fine For Massive Security Breach

Posted March 30, 2012 by Tim Whitman in Breach Costs, Data Breach, Database Security, Fines and Penalties, Media with 0 comments

The Federal Trade Commission today said it has reached a settlement with online gaming company RockYou relating to charges that it did not protect personal information. Hackers accessed information of RockYou’s 32 million users in 2009, according to an FTC statement. The FTC also alleges that RockYou violated the Children’s Online Privacy Protection Act Rule (COPPA Rule) by collecting information, such as birthdays, of about 179,000 children. RockYou is required to pay a $250,000 civil penalty and implement a data…

BlueCross BlueShield Pays $1.5 Million for 2009 Data Breach

A 2009 data breach that has already cost BlueCross BlueShield of Tennessee nearly $17 million got a little more expensive Tuesday. The insurer today agreed to pay $1.5 million to the U.S. Department of Health and Human Services (HHS) to settle Health Insurance Portability and Accountability Act (HIPAA) violations related to the breach. Under the settlement, BlueCross BlueShield has also agreed to review and revise its privacy and security policies and to regularly train employees on their responsibilities under the…

HITECH Law’s First Data Breach Settlement costs HHS $1.5 Million

Last week, BlueCross BlueShield of Tennessee, Inc., agreed to pay $1.5 million to the U.S. Department of Health and Human Services (HHS) for an alleged data security breach. The enforcement action is the first stemming from the Health Information Technology for Economic and Clinical Health Act (HITECH), enacted in early 2009. While BlueCross might have been first to settle, it is unlikely to be the last. Since HHS established its breach notification website in early 2010, the agency has received…

Data Breaches are Getting Even Pricier

The ruling more than a year ago by the 9th US Circuit Court of Appeals in Krottner v. Starbucks was the first in a cascade of legal and regulatory actions that promise to increase the costs of data breaches for US companies. The court ruled that, to take a case to trial, plaintiffs no longer need to show actual harm or imminent threat of harm from a data breach. They simply have to show increased risk of harm. As a…

Protecting The Brand: The Impact Of Data Breaches

Never mind all those formula Hollywood films about oddly sympathetic adolescents hacking into major government or financial computer systems. In fact, real cybercrime has overtaken terrorism as the central threat to U.S. security, according to FBI director Robert Mueller. The perpetrators may be ideological adversaries based in Iran. They may be gangsters prowling the canyons of Brighton Beach, Brooklyn. The effects were dramatic last year. 2011 saw the largest cybercrime case in history when six Estonians were accused of infecting…

Stratfor Facing $50 Million Lawsuit From Data Breach

Austin-based Stratfor, which lost information on thousands of its customers in computer hacking attacks against its website in December, now finds itself under legal fire. Stratfor this week responded in a Texas court to a federal class action suit filed against it in New York. The suit seeks more than $50 million in damages on behalf of customers whose personal and credit card information was lost in the hacking incidents of Dec. 7 and Dec. 24.

Failure To Keep Databases Updated Costs Scottish Council Record Breach Fine

Midlothian Council has been handed the largest fine yet for five data protection breaches, including one where a failure to keep its database updated meant sensitive documents were sent to the wrong people. The council was fined a record £140,000 for mishandling sensitive child protection and care data on five occasions in 2011, the Information Commissioner’s Office (ICO) said on Monday.
