FORT WAYNE, Ind. (WPTA) – Medical Informatics Engineering has paid a six figure penalty after hackers gained access to protected electronic medical information.
The fine was levied against the company by the US Department of Health and Human Services. Federal investigators say the company violated the Health Insurance Potability and Accountability Act or HIPPA, privacy rules.
The data breach happened on July 23, 2015. The company found that hackers used a compromised user ID and password to access the electronic medical records of about 6.3 million people. According to federal investigators, the company did not conduct a comprehensive risk analysis before the breach occurred, which is a violation of federal regulations.
“Entities entrusted with medical records must be on guard against hackers,” said Office of Civil Rights Director Roger Severino. “Failure to identify potential risks and vulnerabilities opens the door to breaches and violates HIPPA.”
In addition to the fine, the company has agreed to take “corrective action” to comply with HIPPA rules.
According to the company, Medical Informatics Engineering maintains “a secure, web-based, private communication network enabling healthcare providers to transmit and share electronic information.”
The company recently announced plans to open an office in the “Electric Works” development near downtown.