February 9, 2023

Data breach costs Banner Health $1.25M in settlement

By: Lindsay Botts

Editor's Note

Phoenix-based Banner Health paid a $1.25 million settlement after potential HIPAA security violations left 2.81 million consumer’s health data exposed in a 2016 data breach, Becker’s Hospital Review reports on February 3.  

The potential violations include lack of analysis to determine risks of electronic health records (EHRs), insufficient system activity monitoring, failure to implement an authentication process, and failure to install adequate security measures to protect EHRs when transmitted electronically.  

HHS’ Office for Civil Rights director Melanie Fontes Rainer warns, “It is imperative for hospitals [to]…be vigilant in taking robust steps to protect their systems, data, and records, and this begins with understanding their risks, and taking action to prevent, respond to and combat such cyberattacks.”  

Banner Health has agreed to implement a corrective action plan to resolve these issues and protect EHR security, Becker’s reports.

Live chat by BoldChat