The ruling comes nearly three years after a computer theft occurred at the organization.
Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.
About 18,000 doctors had Social Security numbers included in rosters provided to the Department of Managed Health Care by Blue Cross of California.
St. Vincent Breast Center mailed more than 63,000 letters containing personal information to the wrong people due to a clerical error.
A security intelligence report analyzed 150 health care vendors, both small and large.
A Salina Family Healthcare Center employee inadvertently left patient information in a database that was submitted to the National Commission for Quality Assurance.
Riverside County Regional Medical Center has notified 563 patients that their data was on a laptop stolen from a hospital procedure room.
A former employee radiologist accessed and acquired data on as many as 97,000 current and former patients of NRAD Medical Associates.
An investigation into a Rady Children's Hospital breach involving more than 14,000 patients revealed a separate incident involving more than 6,000 patients.
A clinical laboratory technician took patient data home, outside the secured Penn State Hershey Medical Center system.
Adherence to HIPAA, the national law that aims to protect patient information, is about to get trickier, reports Alan Earls.
An employee of Bay Park Hospital in Ohio accessed information on about 600 patients over the course of a year.
More than 1,200 patients of Elliot Hospital in New Hampshire are being notified that their personal information was on four computers that were stolen from an employee's vehicle.
In Georgia, an encrypted laptop and unencrypted USB drive containing information on nearly 3,000 members of health care provider Humana were stolen from an associate's vehicle.
Student and non-student data may have been compromised after keylogger malware was discovered on three computers in the University of California, Irvine, Student Health Center.
The agreement marks the largest HIPAA settlement to date.
Social Security numbers may have been printed on postcards sent to more than 5,000 former members of New Mexico-based Molina Healthcare.
A former UMass Memorial Medical Center employee accessed patient data, and the information could have been used to open commercial accounts.
Unauthorized access may have been gained to the email accounts, which contained patient data, of a small group of Centura Health employees after they responded to phishing emails.
Boston Medical Center fired a vendor that did not use password protection on a website used by physicians to store patient records.
A Texas-based company, Concentra, paid the HIPAA settlement stemming from a 2011 breach.
Roughly 8,830 current and former members of Tufts Health Plan are being notified that their personal information was stolen.
Officials haven't confirmed a DDoS scheme, but noted the attackers hit the hospital's website with large attacks designed to overwhelm it with traffic.
The FBI believes that the lax security systems that the health care industry has in place make it a prime target for cyber attacks.
More than 700 Pennsylvania patients have been impacted after Coordinated Health experienced its second burglary-related data breach within a month.
A Virginia-based chiropractic center is not quite sure what happened to an unencrypted thumb drive, which contained personal information - including Social Security numbers - on more than 5,500 patients.
Nearly 6,500 patients of New York-based Sims and Associates Podiatry may have had personal information compromised after three laptops were stolen.
In the "CyberRx" exercise, many organizations expressed concerns about communicating threat information to integral team members outside IT.
More than 1,400 medical records were compromised after unauthorized access was gained to the health records system used by a Texas cardiology clinic.
An HHS report, based on audits between 2010 and 2012, noted serious vulnerabilities affecting 10 state Medicaid agencies.