December 5, 2023

State, northwest Indiana medical company settle lawsuit over exposure of 45K Hoosiers' data

Listen at IPB News

Article origination IPB News
CarePointe — an ear, nose, throat, sinus and hearing provider — will pay the state $125,000 and develop a written information security program to "protect consumers and ensure further compliance with the law." - Lauren Chapman/IPB News

CarePointe — an ear, nose, throat, sinus and hearing provider — will pay the state $125,000 and develop a written information security program to "protect consumers and ensure further compliance with the law."

Lauren Chapman/IPB News

The state has reached a settlement in its lawsuit against a northwest Indiana medical company over a ransomware event that put personal and protected health information at risk. The agreement includes no admission of guilt on the behalf of the provider.

CarePointe — an ear, nose, throat, sinus and hearing provider — will pay the state $125,000 and develop a written information security program to “protect consumers and ensure further compliance with the law.”

The lawsuit said CarePointe was aware of security risks before a ransomware event exposed the information of about 45,000 Indiana patients. It included two counts for violations of federal HIPAA law and two counts for violations of state data privacy and consumer protection laws.

READ MORE: Rokita under investigation again by Indiana attorney disciplinary commission

The settlement requires CarePointe to develop and maintain systems and plans to protect sensitive patient information. This includes designating an individual to be a “HIPAA security officer” who will be responsible for overseeing the security program.

CarePointe will also have to meet training requirements for all personnel with access to personal information and protected health information, including tabletop exercises to test its “preparedness to respond” to security risks.
 

 

Abigail is our health reporter. Contact them at aruhman@wboi.org.

Copyright 2023 IPB News. To see more, visit IPB News.
Support independent journalism today. You rely on WFYI to stay informed, and we depend on you to make our work possible. Donate to power our nonprofit reporting today. Give now.

 

Related News

FSSA says it may not have Medicaid waiver slots for everyone on waitlists, shares more on dashboard
Judge rules Lutheran breached contract with Indiana physician, can’t enforce noncompete
Report: Most local governments haven't started to spend opioid settlement money