On March 8, the Department of Justice (DOJ) announced the first settlement under its Civil Cyber-Fraud Initiative, as Comprehensive Health Services, LLC (CHS), a global medical services provider, agreed to pay $930,000 in part to resolve False Claims Act (FCA) allegations regarding cyber fraud. The government alleged that CHS contracted with the State Department to provide a secure electronic medical record (EMR) system to store patients’ medical records and submitted claims for the costs of this work, but failed to disclose that it had not consistently stored patients’ medical records on a secure EMR system.
According to the allegations, upon scanning records for the EMR system, CHS staff would leave scanned copies of records on an internal network drive accessible to non-clinical staff. CHS also allegedly did not take adequate steps to maintain the protected medical information exclusively on the EMR system even after staff raised issues with the privacy of the information. The State Department purportedly paid $485,866 for CHS’s claims related to constructing an EMR system and storing medical records on it.
This settlement comes five months after DOJ first announced its Civil Cyber-Fraud Initiative, which aims to target the government’s FCA enforcement efforts at “entities or individuals that put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols,...
A person in his 30s who demanded compensation for alleged foreign substances in cup noodles and the absence of meat in stir-fried pork was sentenced to prison in both the first trial and the appel...