Consumer Law

Indiana AG Sues Medical Office Over Violation of Consumer Protection, Privacy Laws

Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach.

The lawsuit filed last weekEditSign against CarePointe — an ear, nose, throat, sinus and hearing provider — claims it was aware of security risks prior to a ransomware event in 2021 that exposed the information of about 45,000 Indiana patients.

The lawsuit said an IT vendor identified security concerns in a written HIPAA risk assessment in January that year. That vendor was hired in March to address the issues, but they weren’t fixed before the data breach in June. The state and patients were notified of the data breach in August.

Read the source article at WVXU

Back to top button