A complaint has been filed against Medical Informatics Engineering, Inc. and NoMoreClipboard, LLC, for a 2015 data breach of more then 3.9 million individual health information accounts.
MIE and NoMoreClipboard is a web-based electronic health record company headquartered in Fort Wayne, Ind.
Nebraska Attorney General Peterson joined attorneys general from 10 other states and commonwealths in filing the lawsuit.
The complaint alleges the company violated provisions of the Health Insurance Portability and Accountability Act (“HIPAA”) as well as state provisions including Unfair and Deceptive Practice laws, Notice of Data Breach statutes, and state Personal Information Protection Acts.
In a news release, Peterson said Monday that the filing marks the first time state attorneys general have joined together to pursue a HIPAA-related data breach case in federal court.
Between May 7-26, 2015, hackers infiltrated WebChart, a web application, and stole the electronic protected health information of more than 3.9 million individuals, including individual names, telephone numbers, mailing addresses, usernames, hashed passwords, security questions and answers, spousal information (name and potentially dates of birth), email addresses, dates of birth, Social Security numbers, lab results, health insurance policy information, diagnoses, disability codes, doctors’ names, medical conditions, and children’s names and birth statistics, Peterson said.
“State attorneys general play a critical role in safeguarding the privacy and personal information of consumers,” Peterson said in the announcement. “I take this obligation seriously and today’s action serves as a reminder that the business community must take their obligations to protect consumers’ personal information seriously as well.”