...for the privilege of a proposed settlement following a 2018 data breach is not a great headline.
UnityPoint Health exposed more than 1.4M patients' ePHI following two successful 2017 & 2018 phishing attacks. Each patient may collect up to $1,000, identity monitoring and credit reporting services oversight.
As we've maintained over the years, the Office of Civil Rights isn't (normally) going to impact your organization's profit and loss statement as much as a civil lawsuit costs. Additionally, most clinics and hospitals are within driving distance of their competition and we predict that more people will impact businesses by changing providers following any post-breach impacts. Hopefully this "to the point" post does its job.
Stay (HIPAA) safe,