Federal Agency Settles Health Privacy Case with Blue Cross for $1.5 Million

The Department of Health and Human Services announced a settlement with Blue Cross Blue Shield after the company’s inadequate security measures allowed 57 unencrypted hard drives containing private health information to be stolen from a facility in Tennessee. The agency cannot issue a fine greater than $1.5 million, but it could have filed criminal charges or requires Blue Cross to mitigate future patient harms. For more information, see EPIC: Medical Privacy.


« EPIC Urges Senate to Safeguard FOIA for Cybersecurity | Main | Open Government Groups Oppose Cyber Security FOIA Exemption »

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.

#Privacy

EPIC Bookstore

Machines of Loving Grace

Machines of Loving Grace by John Markoff