Close Close
ThinkAdvisor

Life Health > Health Insurance > Health Insurance

WellPoint to pay $1.7M in online privacy inquiry

X
Your article was successfully shared with the contacts you provided.

NEW YORK (AP) — The U.S. Department of Health and Human Services said Thursday that health insurer WellPoint Inc. (NYSE:WLP) will pay $1.7 million to resolve allegations it left the information of more than 612,000 members available online because of inadequate safeguards.

The agency said that between Oct. 23, 2009 and March 7, 2010, security weaknesses in an online application database left the information of 612,402 people accessible to unauthorized users. That information included names, birthdates, addresses, telephone numbers, Social Security numbers, and health data.

The Health and Human Services Department said WellPoint didn’t have adequate policies for authorizing access to the database, didn’t perform a needed technical evaluation after a software upgrade, and did not have technical safeguards to verify that the people or entities seeking access were authorized to view the information in the database.

More on this topic

WellPoint, which is based in Indianapolis, reported the breach to HHS. The department then started an investigation, saying WellPoint’s actions may have violated the Health Insurance Portability and Accountability Act (HIPAA).

See also: