Identity Theft News

CVS to pay $2.25 million for HIPAA violation

Thursday, February 19, 2009

CVS Caremark has been ordered to pay $2.25 million to settle federal charges that its employees threw out sensitive patient information in the trash.

According to the FTC, the nation's largest pharmacy chain lacked proper security procedures for discarding patient data when pharmacy workers threw out pill bottles, medication instruction sheets and computerized order information in 2006.

The personal information of patients was protected under the Health Insurance Portability and Accountability Act (HIPAA).

"This is a case that will restore appropriate privacy protections to tens of millions of people across the country. It also sends a strong message to other organizations that possess consumers' protected personal information. They are required to secure consumers' private information," said William E. Kovacic, chairman of the FTC.

CVS has denied any wrongdoing, but decided to settle to avoid costly litigation fees, SCMagazineus.com reports.

In addition to the payment, CVS's more than 6,300 retail pharmacies must establish procedures for disposing of protected health information, implement a training program, conduct internal monitoring and hire an outside assessor to evaluate compliance for three years, according to the FTC.ADNFCR-1765-ID-19034677-ADNFCR

Related News:

Threat of identity theft shows need for online security - 11.19.2009
As Americans live increasingly large portions of their lives on the internet, the possibilities and incentives for remote identity theft increase as well. A report in the New York Times advises caution, and gives tips for constructing an "online bulwark" to prevent theft and fraud.

Wi-Fi network security vulnerable to man-in-the-middle attacks on smart phones - 11.16.2009
Researchers last week revealed a weakness in mobile network security that could allow for so-called "man-in-the-middle" techniques to steal personal information from users of certain types of mobile phones.

FDIC warns banks of money transfer 'mules' duped by cybercriminals - 11.2.2009
In a new warning to banks about illicit electronic fund transfers, the Federal Deposit Insurance Corporation (FDIC) said last week that online bank account theft is rising using "money mules," unwitting job-seekers who are duped by cyber crooks into wiring funds from hacked bank accounts.

Obama addresses cybersecurity awareness in YouTube video - 10.21.2009
Online cyber attacks and identity theft have never been higher, a threat environment that challenges U.S. security every day. President Obama has designated October as National Cybersecurity Awareness Month, which he addressed in a web video last week.

Facebook application security hole exposes millions to hacking, researcher says - 10.19.2009
A security researcher is warning Facebook users about potential vulnerabilities in Facebook applications that could allow cross-site scripting (XSS) hacker attacks for hijacking user accounts.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now