HHS announced that the insurance company has agreed to the penalty after personal data for more than 600,000 people enrolled in plans was found accessible over the Internet.
Modern Healthcare: WellPoint To Pay $1.7 Million HIPAA Penalty
WellPoint, which serves nearly 36 million people through its affiliated health plans, has agreed to pay a $1.7 million penalty to HHS for potential violations of the privacy and security rules under the Health Insurance Portability and Accountability Act of 1996. Between Oct. 23, 2009, and March 7, 2010, access to personal data for 612,402 people -- their names, dates of birth, addresses, Social Security numbers, telephone numbers and health information -- was made available to unauthorized users as the result of online security weaknesses, HHS said Thursday (Landen and Conn, 7/11).
Reuters: WellPoint Fined $1.7 Million For Exposing Health Data On Internet
Health insurer WellPoint Inc agreed to pay a fine of $1.7 million for allowing health and other personal information from hundreds of thousands of people to be accessed over the Internet, the U.S. Department of Health and Human Services said on Thursday. Security weaknesses in a WellPoint online application database exposed information for 612,402 individuals between October 2009 and March 2010, according to the agency (7/11).