Latham-based OrthopedicsNY is paying $500,000 in penalties over failure to protect patient information related to a 2023 data breach, the New York Attorney General’s office said Dec. 26.
An investigation from the Office of the Attorney General found that cyber-attackers could steal patient data because the practice’s system wasn’t properly protected, according to a news release. The 2023 data breach affected more than 650,000 patients and employees.
The OAG’s settlement includes the $500,000 fine and requires the practice to “significantly strengthen its data security to secure patient data.” Data security measures will include annual risk assessments, encrypting patient and employee data and establishing a system to monitor networks for suspicious activity.
At the Becker's 23rd Annual Spine, Orthopedic and Pain Management-Driven ASC + The Future of Spine Conference, taking place June 11-13 in Chicago, spine surgeons, orthopedic leaders and ASC executives will come together to explore minimally invasive techniques, ASC growth strategies and innovations shaping the future of outpatient spine care. Apply for complimentary registration now.
