Hospital Billing System Failure Leads to $2.175 Million Settlement Following Data Breach

    Private: Amanda Doran

    On November 27, 2019, Sentara Hospitals agreed to pay $2.175 million to settle an April 2017 complaint alleging violations of the Health Insurance Portability and Accountability Act’s (HIPAA) Privacy, Security, and Breach Notification Rules.

    An investigation conducted by the U.S. Department of Health and Human Services, Office for Civil Rights revealed that a mail merge malfunction caused the hospital system to send 577 billing statements containing protected health information (PHI) to the wrong patients.

    Read the Resolution Agreement

    Need a Data Privacy, Protection, and Security expert?

    If you are in need of an expert with experience in data privacy and data security disputes, we invite you to consider DisputeSoft.