Heartland Payment Systems spent another $19.4 million in the second quarter to respond to the massive data breach it revealed in January. The Princeton, N.J. payment processor previously reported that it doled out $12.6 million in the first quarter -- mostly to cover a MasterCard fine -- as a result of the incident, considered the largest reported breach of all time. Founder and CEO Bob Carr, in a conference call Wednesday, said much of the $19.4 million is to settle claims related to the hacker intrusion. In total, the company bore a net loss of $2.6 million in the second quarter, compared to an $11.5 million net gain in the same quarter last year. — DK
The FTC Health Breach Notification Rule was enacted 10 years ago to protect the privacy and security of consumer health data not covered by HIPAA, but it was never enforced. A policy decision enacted on Sept. 15 will change that.