Lexology December 12, 2023
Crowell & Moring LLP

Last week, the Office for Civil Rights (“OCR”) announced a settlement with Lafourche Medical Group (“LMG”), a Louisiana medical group, for a 2021 phishing attack and breach that affected the protected health information (“PHI”) of 34,862 individuals. In addition to paying $480,000 to OCR, LMG agreed to a corrective action plan that will include implementing security measures to protect electronic PHI, developing written policies and procedures to comply with HIPAA rules, and training staff members.

Through a phishing attack, in March 2021, a hacker gained access to an owner’s email account. The email account contained patients’ PHI, and because LMG was unable to determine the specific patients affected, it notified all 34,862 of its patients. OCR investigated and found that...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, HHS, Provider
Related Articles:
Cofactor AI Nabs $4M to Combat Hospital Claim Denials with AI
Shifting Our Healthcare Delivery Model from Reactive to Proactive
Trinity Health back in the black in Q1
109 hospitals receiving new Medicare-backed residency slots
Mayo develops new AI tools

Share This Article