The company failed to adequately protect electronic protected health information, violated HIPAA laws, and lacked sufficient monitoring and policies to prevent and address cyberattacks.
Source: cyware.com