A management company that serves hospitals will pay a $2.3 million fine for a data breach that exposed information of more than 6 million people, the U.S. Department of Health and Human Services said.
Franklin, Tenn.-based CHSPSC LLC will also be monitored for two years to prevent additional exposures, the department’s civil rights office said in a statement.
Hackers in April 2014 used compromised administrative credentials to access CHSPSC’s information system through a virtual private network, according to the corrective action plan between the company and agency. The attacks affected 237 covered entities served by the company and included over ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.