NEW YORK - New York Attorney General Eric T. Schneiderman announced Thursday that CoPilot Provider Support Services Inc. agreed to pay $130,000 in penalties and improve its notification and legal compliance program after the company violated General Business Law by waiting over a year to provide notice of a data breach.
CoPilot is a New York corporation used to determine the availability of insurance coverage for some medications.
According to the Attorney General's Office, CoPilot's website administration interface was breached, and an intruder downloaded reimbursement-related records for 221,178 patients.
25,561 of the patients affected were New York residents, and 11,372 of those residents' records included social security numbers.
The Federal Bureau of Investigation opened an investigation at CoPilot's request in mid-February 2016. CoPilot waited until January 18, 2017 to provide formal notice to affected consumers in New York, officials report.
"Healthcare services providers have a duty to protect patient records as securely as possible and to provide notice when a breach occurs. Waiting over a year to provide notice is unacceptable," said Attorney General Schneiderman.
CoPilot argued that the delay was because of the ongoing investigation, but the FBI never instructed CoPilot to defer notification.
"My office will continue to hold businesses accountable to their responsibility to protect customers' private information," Schneiderman said.
Not only will two turkeys be pardoned by the President in a…
A New York community is continuing its push to get rid of crows by…
America's top retailers are gearing up for the biggest shopping…