New York-based law firm Heidell, Pittoni, Murphy & Bach LLP must pay $200,000 in penalties to the state and improve its cybersecurity practices after an investigation by state Attorney General Letitia James found it responsible for a 2021 data breach.
The firm, whose clients include hospitals, experienced a cyberattack in November 2021 that exposed the private data of over 114,000 patients—including names, birthdates, Social Security numbers, and health information—the investigation found.
Heidell Pittoni violated New York law pertaining to data breaches and failed to comply with several standards required by the federal healthcare privacy law, the Health Insurance Portability and ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.