Albany ENT & Allergy Services settles state charges stemming from two patient data breaches; agrees to spend $2.25M on security program
Briefly

AENT's notification to regulators and affected individuals did not mention ransomware attacks despite being listed on leak sites, revealing a lack of transparency and proper incident disclosure.
The NYS Attorney General's Office settled charges against AENT for $500,000 due to cybersecurity negligence, in addition to AENT's commitment to invest $2.25 million in security improvements.
Repeated incidents highlight AENT's failure to monitor its IT systems and vendors effectively, raising concerns over how securely sensitive patient information is being managed.
Despite facing multiple data breaches, AENT appears to lack robust enforcement responses from federal agencies, showcasing the challenges in holding healthcare organizations accountable for cybersecurity.
Read at Databreaches
[
|
]