WellPoint Dinged $1.7 million by HHS for Health Data Leak | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

WellPoint Dinged $1.7 million by HHS for Health Data Leak

July 12, 2013
by Gabriel Perna
| Reprints

WellPoint, a large health payer headquartered in Indianapolis, will pay $1.7 million to the U.S. Department of Health and Human Services (HHS) for a data breach that left the protected health information (PHI) of 612,402 people accessible to unauthorized individuals over the Internet during the course of a five month period.

The PHI of these individuals included names, dates of birth, addresses, Social Security numbers, telephone numbers and health information. The fine is one of the largest HHS has ever doled out for a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. In June of last year, Alaska Department of Health and Social Services (DHSS) and the state Medicaid agency, agreed to pay $1.7 million as well, for a PHI-related data leak.

According to HHS, the HHS Office for Civil Rights (OCR) investigated the breach after WellPoint submitted a report, as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act. Their investigation discovered that WellPoint failed to implement policies and procedures for authorizing access to the on-line application database and perform appropriate technical evaluations to a software upgrade to its information systems.

HHS also implied that WellPoint did not have technical safeguards in place to verify the person or entity seeking access to PHI maintained in its application database. The breach, HHS says, happened from Oct. 23, 2009, until Mar. 7, 2010.

In a statement to Reuters, WellPoint said it made changes to prevent it from happening ever again as soon it is happened.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



KLAS Research: Small Hospitals’ Buying Decisions Impacting EMR Market Share

A new KLAS Research report tracks shifts in electronic medical record (EMR) vendor market share among acute care hospitals, and finds that smaller hospitals are seeking technology solutions that meet their needs and limited budgets, and these contracts are making a mark on the EMR market.

Survey: Majority of Providers Predict Success for New Generic Drug Company, Project Rx

Back in January, four health systems, in consultation with the VA, announced a collaboration to develop a new, not-for-profit generic drug company. A survey has found that 90 percent of providers say they would become customers of the new venture.

Personalized Medicine Awareness Low Among U.S. Adults, Survey Finds

Genetics and personalized medicine are not top of mind for the general public in the U.S., according to a recent survey from GenomeWeb and the Personalized Medicine Coalition.

Industry Organizations Praise Senate Passage of VA Mission Act

The U.S. Senate on Wednesday passed, by a vote of 92-5, a major Veterans Affairs (VA) reform bill that includes health IT-related provisions to improve health data exchange between VA healthcare providers and community care providers.

NIH Issues Funding Announcement for All of Us Genomic Research Program

The National Institutes of Health’s (NIH) “All of Us” Research Program has issued a funding announcement for genome centers to generate genotype and whole genome sequence data from participants’ biosamples.

MGMA: Physician Compensation Data Illustrates Nationwide PCP Shortage

Primary care physicians’ compensation rose by more than 10 percent over the past five years, representing an increase which is nearly double that of specialty physicians’ compensation over the same period, according to the Medical Group Management Association (MGMA).