Health Insurance Company Fined $1.7 Million
DATA LOSS—U.S.July 12, 2013
The U.S. Department of Health and Human Services (HHS) has announced that insurance provider WellPoint has agreed to pay a $1.7 million fine for inadequately protecting a database containing more than 600,000 personal records, according to an HHS press release. Between October 2009 and March 2010, the health data of 612,402 individuals—including names, addresses, birth data and Social Security numbers—was accessible online. IT World reports the investigation revealed WellPoint “did not have adequate policies and procedures for access to the online application database” that was breached and did not have “technical safeguards” in place for access verification.