Illinois hospital chain to pay record $5.5M for exposing data about millions of patients

Illinois’ largest hospital chain today agreed to pay a $5.5 million fine by the government for lax data security that led to the exposure of more than 4 million electronic patient records.

The fine against Advocate Health Care Network, the largest ever levied under Health Insurance Portability and Accountability Act (HIPAA) regulations, is a result of the “extent and duration of the alleged noncompliance.”

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) began its investigation in 2013, when the healthcare chain submitted three breach notification reports pertaining to separate and distinct incidents involving its subsidiary, Advocate Medical Group (AMG).

To read this article in full or to leave a comment, please click here