Premera Blue Cross Agrees to $6.85 Million Data Breach Settlement

    Private: Amanda Doran

    On September 25, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $6.85 million settlement with health insurance company Premera Blue Cross regarding a data breach that affected over 10.4 million people.

    In May 2014, hackers used a phishing email to install malware on Premera’s IT system and steal patient protected health information (PII) until the breach was discovered in January 2015. The OCR investigation found systemic noncompliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules, which will be resolved as part of a corrective action plan included in the settlement agreement.

    Read more at the Department of Health and Human Services

    Need a Data Privacy, Protection, and Security expert?

    If you are in need of an expert with experience in data privacy and data security disputes, we invite you to consider DisputeSoft.