[ad_1]
HIPAA/HITECH
,
Standards, Regulations & Compliance
DoJ: Vendor Failed to Patch, Secure Systems for 7 Years
Marianne Kolbasuk McGee (HealthInfoSec) •
March 14, 2023
Federal prosecutors say Jelly Bean Communications Design failed to secure HealthyKids.org website for kids dental insurance in Florida.
A Florida company will pay nearly $300,000 to settle allegations stemming from a 2020 hacking incident that revealed the personally identifying information of hundreds of thousands of minors. The settlement with Jelly Bean Communications Design is part of a federal crackdown on lax cybersecurity.
See Also: 7 Steps to Incorporate Monitoring in Your Compliance Program
The $293,771 settlement resolves civil litigation initiated by the federal government against Jelly Bean Communications Design and Jeremy Spinks – the company’s co-owner, manager and sole employee – after hackers gained access to half a million insurance applications for low-cost health and dental insurance for children aged between 5 and 18.
The Jelly Bean settlement is part of the justice department’s Civil Cyber-Fraud Initiative launched in October 2021.
The effort targets federal contractors “when they fail to follow required cybersecurity standards,” Deputy Attorney General Lisa O. Monaco said at the time.
The state of Florida contracted with Jelly Bean in 2013 to manage the healthykids.org website for the Florida Healthy Kids Corp., the state-created entity that runs the national Children’s Health Insurance Program through a combination of federal and state money.
The…
..
[ad_2]
