HHS and state AGs fine ambulance firm over $500,000, require enhanced security, privacy, and data minimization practices
Data Protection Report·March 6, 2026·fine
Earlier this year, the Attorneys General of Massachusetts and Connecticut entered into settlement agreements with Comstar, LLC, an ambulance billing firm, relating to alleged HIPAA regulation violations in connection with a ransomware incident.  Comstar is a business associate under HIPAA, and state regulators are authorized to enforce HIPAA under the authority granted by the Health... Continue Reading