OCR investigating Banner Health’s 2016 data breach
Evan Sweeney reports:
Already fending off a class-action lawsuit, Banner Health is also the subject of an ongoing federal investigation into a June 2016 cyberattack that exposed patient data.
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) launched an investigation in the aftermath of the attack that exposed data for 3.7 million patients at 27 locations, according to year-end financials (PDF) released by the Phoenix, Arizona-based health system. Banner says it is cooperating with the investigation, but OCR has said the health system’s initial responses to questions about past security assessment activities are “inadequate.”
Read more on FierceHealthcare.