Dive Brief: The HHS has reached its second-ever settlement related to a ransomware attack, which exposed the protected health information of more than 14,000 people, the agency announced Wednesday. Maryland-based Green Ridge Behavioral Health agreed to pay $40,000 and implement a corrective action plan after an investigation found potential violations of the HIPAA rule and […]
Merck & Co.’s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin. The settlement will resolve an ongoing legal dispute […]
Fraud Management & Cybercrime , Healthcare , Industry Specific State AG Settlement Comes After 2021 Lorenz Ransomware Attack on Health Center Marianne Kolbasuk McGee (HealthInfoSec) • January 8, 2024 Image: Refuah Health Center The New York attorney general fined a federally funded health center that provides services to underserved communities up to $450,000 […]
Pharmaceutical giant Merck has reportedly reached a settlement with insurers over their refusals to cover losses stemming from the NotPetya cyberattack in 2017. The undisclosed settlement, first reported by Bloomberg Law, is the culmination of a years-long court battle that has attracted attention from the cybersecurity and insurance industries because of its implications for defining […]
Facial recognition technology company Clearview AI has reached a settlement with plaintiffs in a class-action privacy lawsuit after a long court battle, according to a court docket entry filed November 30. The terms of the settlement are not yet public. The docket entry from an Illinois federal court noted that the parties to the case […]
The U.S. Department of Health and Human Services (HHS) agreed to a settlement of $480,000 with Louisiana-based medical group Lafourche Medical Group following a 2021 cyberattack that exposed the sensitive information of nearly 35,000 people. In addition to the monetary penalty, the company agreed to undergo periodic audits by HHS for two years. HHS noted […]
A Massachusetts-based medical management company has agreed to a $100,000 settlement with the U.S. Department of Health and Human Services following a 2017 ransomware attack. The company, Doctors’ Management Services — which provides medical billing and payer credentialing services — was attacked by the now-defunct GandCrab ransomware gang in April 2017, but the intrusion was […]
Search giant Google agreed to a $93 million settlement with the state of California on Thursday over its location-privacy practices. The settlement follows a $391.5 million settlement with 40 states, reached in November 2022, to resolve an investigation into how the company tracked users’ locations. The states’ investigation was sparked by a 2018 Associated Press […]