Indiana AG Sues Apria Healthcare for Data Breach(ing HIPAA Duties)

Cozen O'Connor
Contact

Cozen O'Connor

  • Indiana AG Todd Rokita sued home healthcare equipment and services provider Apria Healthcare, LLC for allegedly failing to investigate and inform consumers regarding data breaches beginning in 2019 in violation of state data security and consumer protection laws and Health Insurance Portability and Accountability Act (HIPAA) rules.
  • According to the complaint, Apria allegedly failed to implement HIPAA policies and procedures to safeguard protected health information (PHI), failed to detect unauthorized access to its network in 2019 and 2021, failed to restrict access to its website through which consumers could submit PHI and personal information after it became aware that there was an intruder in its system, and failed to inform over 1.8 million affected consumers nationwide of the breach until 2023.
  • The lawsuit seeks injunctive relief, civil penalties, attorney’s fees and costs, and restitution, among other relief.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Cozen O'Connor

Written by:

Cozen O'Connor
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Cozen O'Connor on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide