Health Net Fined $55K for Data Breach
The complaint filed January 14 says Health Net's six-month delay in notifying Vermont residents violates the Security Breach Notice Act. That law requires data collectors to notify affected individuals of security breaches "in the most expedient time possible and without unreasonable delay."
Health Net violated HIPAA by failing to secure PHI and breached the Consumer Fraud Act by misrepresenting the risk posed to affected individuals in the company's notice letters.
The complaint and proposed consent decree were filed in the U.S. District Court for the District of Vermont. The consent decree must be approved by a judge before it takes effect.
"Health Net has taken significant steps to assure that our members are protected," Health Net says. "We have offered two years of free credit monitoring services for all impacted members who elect this service. This service also includes $1 million of identity theft insurance coverage, as well as fraud resolution and credit and identity restoration services at no cost to the members."
Health Net not only settled with the Connecticut state attorney general's office (for $250,000) but also with the Connecticut Insurance Commission, which reached a settlement with Health Net in which the insurer had to pay the state $375,000 in penalties for failing to safeguard the personal information of its members from misuse by third parties.
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- 3 Favorite Nursing Trends of 2013
- Hospital Compare Adds Infection, Stroke, Readmissions Data
- ICD-10: Minimizing the Financial Hit
- HIT in 2014: Portal Perils and Half-Built Houses
- Intelligence Report: Cost-Containment Expertise
- SGR Bill's Payment Transparency Provision Elicits Concern
- How One Provider is Saving Millions on Imaging Equipment
- SGR Repeal Bill Holds Extra Promise for Rural Hospitals
- HL20: Martin Makary, MD—Pushing to Improve Transparency and Quality Standards
- HL20: David Green—Disruptive Innovator Touches Millions of Lives