West Virginia: Settlement Reached in Medical Data Breach

In coordination with 16 other state attorneys general, West Virginia AG Patrick Morrisey has reached a settlement concerning a data breach involving health records company Medical Informatics Engineering Inc. (MIE)

The breach, which occurred in May 2015, exposed the medical records of more than 3.9 million individuals.

Collectively, the attorneys general allege that hackers broke into an MIE web application known as WebChart, and stole electronic health information.

According to Huffington News, the case is regarded as the nation’s first multi-state data breach lawsuit involving the Health Insurance Portability and Accountability Act (HIPAA).

In a statement, Attorney General Morrisey said:

Businesses must take adequate and reasonable measures to ensure the protection of their computer systems, …Any business that fails to safeguard patients’ personal health information can cause significant harm to consumers across our state and nation.

The settlement, which was approved by a federal judge in May, requires the defendants to pay $900,000 to member states, and take additional steps to protect personal information. This must include hiring a third party firm to analyze and identify potential security risks. West Virginia’s proportional share of the payout is $21,187.

According to the AG’s office, the lawsuit resolves allegations that MIE violated provisions of HIPAA, as well as state claims including unfair and deceptive practice laws.

West Virginia joined the Indiana-led lawsuit along with Arizona, Arkansas, Connecticut, Florida, Iowa, Kansas, Kentucky, Louisiana, Michigan, Minnesota, Nebraska, North Carolina, Tennessee and Wisconsin.

You can read the court’s consent decree here.

Sources: WV AG’s Office, Huffington News

Contact the author
Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Contact Our Team Today
Your confidential, no obligation discussion awaits.