HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with Northeast Radiology

The Office for Civil Rights of the Department of Health and Human Services (HHS) has concluded an investigation into the violation of HIPAA security rules involving Northeast Radiology and its business partner, Alliance Healthcare Services. In March 2020, Northeast Radiology disclosed that its patient data was involved in a breach that Alliance had informed them about in January 2020. TechCrunch had contacted Northeast Radiology in 2019 regarding its unpatched PACS servers. Northeast Radiology agreed to a corrective action plan and a monetary penalty of $350,000.