Healthcare News & Insights

Data breach leads to major HIPAA lawsuit

Connecticut is the first state to use new authority under federal law to sue a health care company for HIPAA violations.

The state’s Attorney General is invoking new powers granted by the Health Information Technology for Economic and Clinical Health Act (HITECH) to sue Health Net for a major data breach which led to nearly 450,000 patients’ files being compromised.

A company hard drive went missing in May 2009 — along with patient names, addresses, bank account numbers, Social Security numbers and personal medical records. The drive is presumed by many to have been stolen, but that hasn’t been proven.

After discovering the data loss, Health Net waited six months before notifying clients and regulators about the incident.

So far, there have been no confirmed cases of identity theft among the clients whose information was lost. Health Net has offered them free credit monitoring to reduce the risk.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.


  1. Similarly, twitter got cracked just 2 days ago. Seems that nothing is safe.