Memorial Healthcare Systems Data Breach (2012)

The company that operates six South Florida hospitals has agreed to a $5.5 million settlement with the federal government over patient information that was stolen by two employees. The South Florida Sun Sentinel reported Friday that Memorial Health Care systems reached the agreement with the U.S. Department of Health and Human Services nearly five years after the data breach. Memorial's investigation found the employees stole patient information as part of a plan to file phony tax returns. Health and Human Services said information on 115,143 individuals was accessed in violation of the Health Insurance Portability and Accountability Act, known as HIPAA. MMemorial Healthcare Systems has agreed to pay a $5.5 million settlement to the U.S. Department of Health and Human Services over potential HIPAA violations. The security breach was discovered when Memorial launched an internal investigation in 2012 after two hospital employees stole patients’ personal information to make money filing phony tax returns, said Kerting Baldwin, a spokeswoman Memorial Healthcare System. During its investigation, Memorial discovered that individuals who worked in affiliated physicians’ offices had inappropriately accessed patient information using legitimate login credentials of employees in those offices, Baldwin said.