





























New York Attorney General Reaches $500,000 Settlement with Orthopedics Practice Over 2023 Data Breach
New York Attorney General Letitia James recently announced a $500,000 settlement with New York orthopedics practice, OrthopedicsNY, LLP (“OrthoNY”), for allegedly failing to protect patient and employee information, in violation of applicable law. The New York Office of the Attorney General (“OAG”) investigated OrthoNY in connection with a 2023 data breach affecting the personal information of more than 650,000 patients and employees, including the Social Security numbers, driver’s license numbers, and passport numbers of approximately 110,000 individuals.
In addition to the $500,000 settlement, OrthoNY must provide affected individuals with one year of complimentary credit monitoring services. The settlement also requires OrthoNY to strengthen its data security measures, including by:
In the OAG’s press release, Attorney General James emphasized that, “Patients entrust their health care providers with their personal information, and providers must honor that trust by ensuring their systems are secure. OrthopedicsNY failed to do its due diligence to protect patients’ private information. No patient deserves to have their information exposed and my office will continue to enforce the law to protect New Yorkers’ personal data.”
This settlement underscores the OAG’s heightened focus on data security enforcement, building on recent actions against an ed tech provider, multiple auto insurers and a home security video camera company. The growing trend of state attorney general enforcement in this area highlights the importance of considering state data security requirements – alongside HIPAA – when handling patient data.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。