EMR Data Breach Ends in $3 Million Settlement

    Amanda Doran

    On November 5, 2019, the University of Rochester Medical Center (URMC) reached a settlement under which the medical system agreed to pay $3 million to the U.S. Department of Health and Human Services (HHS) for alleged privacy and security violations of the Health Insurance Portability and Accountability Act (HIPAA).

    The investigation involved breach reports filed in 2013 and 2017 regarding “the loss of an unencrypted flash drive and theft of an unencrypted laptop” that contained patient protected health information (PHI).

    Read more at Total Security

    Need an expert?

    DisputeSoft provides expert consulting and testimony to assist counsel in cost-effectively resolving software failure, intellectual property, and computer forensics disputes.