Aetna to Pay OCR $1M Over 3 Patient Data Breaches, HIPAA Violations
Health IT Security
The Department of Health and Human Services Office for Civil Rights announced it reached a $1 million settlement with Aetna to resolve potential HIPAA violations stemming from three separate patient data breaches in 2017.
The insurance giant has already settled a class-action lawsuit filed by breach victims in January 2018 for $17 million, as well as California for $935,000 in January 2019 and other state attorneys general for more than $600,000 in October 2018.
The OCR settlement stems from three security incidents reported to the agency in 2017. On April 27, Aetna discovered...