News & Insights

  • Clear

AG James Gives Health Care Provider’s Data Security a Checkup Following Ransomware Attack

New York AG Letitia James settled with Refuah Health Center, Inc. to resolve allegations the health care provider violated the HIPAA Security Rule and Breach Notification Rule, as well as New York’s General Business Law, by employing poor data security that allowed cyberattackers to access the personal and private information of approximately 250,000 New Yorkers.

Read More

AG James Seeks to Cancel Onerous Consumer Cancellation Processes

New York AG Letitia James settled with Cerebral, Inc. to resolve allegations that the online mental health provider required consumers to go through a lengthy, multi-step process to cancel their subscriptions; continued to charge some consumers after they cancelled; and directed employees to submit positive reviews, “downvote” negative reviews, and ask consumers to remove negative…

Read More

$1.45 Million Settlement is a Bitter Pill to Swallow

North Carolina AG Josh Stein settled with Med First Immediate Care and Family Practice, P.A. to resolve False Claims Act allegations that the clinic operated as a “pill mill” for opioid prescriptions. According to the AG’s office, Med First allegedly filed false claims with Medicare and Medicaid for unnecessary testing, office visits that did not…

Read More

No X-Ray Vision Necessary for this Security Breach

New York AG Letitia James settled with US Radiology Specialists, Inc. to resolve allegations that the private radiology group violated New York’s Executive Law and General Business Law by failing to adequately protect patients’ personal health information (PHI) and private information (PI). AG James alleges that US Radiology failed to quickly update its firewall after…

Read More