Fla. Health Clinic’s Cyber Insurer to Pay $2.3M HIPAA Settlement

Federal regulators will collect the money directly from 21st Century Oncology’s cyber insurance provider.

Fla. Health Clinic’s Cyber Insurer to Pay $2.3M HIPAA Settlement

21st Century Oncology filed for Chapter 11 bankruptcy in May of this year.

A cyber insurer will pay a $2.3 million HIPAA settlement on behalf of 21st Century Oncology, a Florida-based cancer clinic that filed for Chapter 11 bankruptcy in May.

Officials from HHS’ Office for Civil Rights agreed to allow cyber insurance company Beazley Group to pay the HIPAA settlement, which stems from a 2015 data breach.

The $2.4 million settlement is by far the smaller of two settlements 21st Century Oncology recently reached with the  federal regulators. In a separate incident, the large cancer care clinic settled with the U.S. Department of Justice for $34.7 million following a billing fraud investigation.

The situation is an unusual one for the Office for Civil Rights, which has often said it doesn’t wish to put organizations out of business with HIPAA fines and settlements.

It is also an unusual process of collection for the OCR, according to privacy attorney Adam Greene of law firm Davis Wright Tremaine, who was not involved in the case.

“Normally, the covered entity would pay the settlement or fine and would get reimbursed by the insurer,” Green told Healthcare Info Security. “Here, OCR is going directly to the insurer to receive the payment, which is likely in large part because the covered entity is in bankruptcy proceedings.”

The 2015 data breach affected 2.2 million patient hospital records. The FBI requested the notification be delayed while it investigated, reports Healthcare IT News.

On Dec. 12, 21st Century Oncology settled with the DOJ after the self disclosure relating to the submission of false statements regarding the health clinic’s use of electronic health records (EHR) software. Other statements alleged the clinic violated the False Claims Act by submitting, or causing the submission of, claims for certain services pursuant to referrals from physicians with whom they had improper financial relationships, according to the DOJ’s statement.

Although a Beazley Group spokesperson wouldn’t comment on any specific case, she said it’s information security coverage policies typically include regulatory defense and penalties.

The company 21st Century Oncology is based in Fort Myers and operates 179 treatment centers across the U.S. and Latin America.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Conference promo