Indiana Included in Data Breach Judgment

Indiana Attorney General Curtis Hill.

A U.S. District Court judge has signed a consent judgment related to a multi-state lawsuit against a Fort Wayne-based electronic health records company. The suit alleged Medical Informatics Engineering Inc. and NoMoreClipboard LLC sustained a data breach compromising the data of more than 3.9 million people.

Indiana Attorney General Curtis Hill filed the lawsuit in December, which also involved 15 other state attorneys general. As a result of the consent judgment, the 16 states will receive $900,000 in payments, with Indiana receiving nearly $175,000. 

According to the lawsuit, hackers infiltrated a web application run by MIE called WebChart and stole the electronic Protected Health Information of more than 3.9 million people, including names, phone numbers, usernames, passwords, Social Security numbers and various forms of medical information.

"Hoosier consumers trust us to look out for their interests," Hill said in a news release. "Once again, we have acted on their behalf to pursue the appropriate penalties and remedies available under the law. We hope our proactive measures serve to motivate all companies doing business in Indiana to exercise the highest possible ethics and the utmost diligence in making sure their systems are safe and secure."

Hill says MIE has cooperated with his office since the beginning of the investigation into the hacking. 

"To their credit, MIE’s management has taken this entire issue seriously. All along, they have expressed concern for those whose data was compromised. Even as we pursued the appropriate actions to protect consumers, we also appreciated MIE’s willingness to work with us."