HIPAA Breach Alert: WellPoint fined $1.7M

HIPAA Compliance

March 11, 2017
wellpoint hipaa breach alert|wellpoint hipaa breach settlement

In what is believed to be one of the larger HIPAA breach settlements in recent memory, health insurer WellPoint has agreed to settle with HHS for $1.7M stemming from a 2009 and 2010 incident where WellPoint impermissibly disclosed the ePHI of over 600,000 individuals through an unsecured online application. During its investigation, OCR found that WellPoint had not enacted the appropriate administrative, technical, and physical safeguards mandated under HIPAA.

WellPoint discovered the security and privacy lapses when an applicant to the insurer notified the company that she could access PHI of other policyholders through the WellPoint website application. This event further exemplifies to providers that actual acquisition of PHI by unauthorized individuals is not needed to trigger HIPAA violations. Rather, merely the discovery of unsecured data in any form can be enough to trigger an OCR investigation and lawsuit.

wellpoint hipaa breach settlement
The Author
Krishna Kurapati

Krishna Kurapati is the Founder and CEO of QliqSOFT. He has more than two decades of technology entrepreneurship experience. Kurapati started QliqSOFT with the strong desire to solve clinical collaboration and workflow challenges using artificial intelligence (AI)-powered digital technologies across the U.S. healthcare system.

Related Content

Customer Success Story:

No items found.


Let’s put you in touch with the right person to learn more about use cases, functionality and cost.

Choose your preferred contact:

Thank you! We'll reach out to you soon!

Want the latest in blogs in your inbox?
Subscribe to our blogs for more!

Thank you!
Oops! Something went wrong while submitting the form.