Learning From Blue Cross Data Breach Settlement

Law360, New York (March 16, 2012, 3:11 PM EDT) -- Blue Cross and Blue Shield of Tennessee (BCBST) has agreed to pay $1.5 million to the U.S. Department of Health and Human Services and enter into a corrective action plan (CAP) to settle alleged violations of the Health Insurance Portability and Accountability Act privacy and security regulations.

The enforcement action arose from the theft of 57 hard drives that contained audio and video recordings of customer service calls and included electronic protected health information (ePHI) of over one million individuals. The settlement resolves HHS’s first enforcement...
To view the full article, register now.