;

Fla. Health Clinic’s Cyber Insurer to Pay $2.3M HIPAA Settlement

Federal regulators will collect the money directly from 21st Century Oncology’s cyber insurance provider.

Fla. Health Clinic’s Cyber Insurer to Pay $2.3M HIPAA Settlement

21st Century Oncology filed for Chapter 11 bankruptcy in May of this year.

A cyber insurer will pay a $2.3 million HIPAA settlement on behalf of 21st Century Oncology, a Florida-based cancer clinic that filed for Chapter 11 bankruptcy in May.

Officials from HHS’ Office for Civil Rights agreed to allow cyber insurance company Beazley Group to pay the HIPAA settlement, which stems from a 2015 data breach.

The $2.4 million settlement is by far the smaller of two settlements 21st Century Oncology recently reached with the  federal regulators. In a separate incident, the large cancer care clinic settled with the U.S. Department of Justice for $34.7 million following a billing fraud investigation.

The situation is an unusual one for the Office for Civil Rights, which has often said it doesn’t wish to put organizations out of business with HIPAA fines and settlements.

It is also an unusual process of collection for the OCR, according to privacy attorney Adam Greene of law firm Davis Wright Tremaine, who was not involved in the case.

“Normally, the covered entity would pay the settlement or fine and would get reimbursed by the insurer,” Green told Healthcare Info Security. “Here, OCR is going directly to the insurer to receive the payment, which is likely in large part because the covered entity is in bankruptcy proceedings.”

The 2015 data breach affected 2.2 million patient hospital records. The FBI requested the notification be delayed while it investigated, reports Healthcare IT News.

On Dec. 12, 21st Century Oncology settled with the DOJ after the self disclosure relating to the submission of false statements regarding the health clinic’s use of electronic health records (EHR) software. Other statements alleged the clinic violated the False Claims Act by submitting, or causing the submission of, claims for certain services pursuant to referrals from physicians with whom they had improper financial relationships, according to the DOJ’s statement.

Although a Beazley Group spokesperson wouldn’t comment on any specific case, she said it’s information security coverage policies typically include regulatory defense and penalties.

The company 21st Century Oncology is based in Fort Myers and operates 179 treatment centers across the U.S. and Latin America.

Add Another Layer of Protection to your Campus

If you’re responsible for protecting a campus — whether at a hospital, K-12 school, college or university — then Campus Safety magazine is a must-read, and it’s free! As the only publication devoted to those public safety, security and emergency management personnel, issues cover all aspects of safety measures, including access control, video surveillance, mass notification, and security staff practices.

Take advantage of a free subscription to Campus Safety today, and add its practical insights, product updates and know-how to your toolkit. Subscribe today!


Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters