EHR Vendor QRS Faces Lawsuit After Healthcare Cyberattack
Health IT Security
QRS, a healthcare technology company that provides EHR services, is now facing a lawsuit in the wake of an August 2021 cyberattack that impacted nearly 320,000 current and former patients.
In the filing, the plaintiff argued that QRS failed to adequately safeguard protected health information (PHI) and said that QRS took two months to notify impacted individuals of the data exposure. However, QRS followed procedure and complied with HIPAA by reporting the breach within 60 days of discovery.
Between August 23 and August 26, an unauthorized third party accessed one QRS dedicated patient portal server and...