A medical billing company that has been barred from doing business in Minnesota reached a settlement with the Federal Trade Commission for failing to protect patient data.
Accretive Health, Inc., based in Chicago, was charged with failing to adequately safeguard consumers' personal information, such a medical information, Social Security numbers and billing information.
The FTC said in July 2011, a company laptop was stolen from an employee's car that contained 20 million pieces of information on 23,000 patients.
"The Commission alleges that Accretive created unnecessary risks by transporting laptops that contained sensitive personal information in a way that left them vulnerable to theft," the FTC said in a statement.
Under the terms of its settlement, which was announced Tuesday, Accretive must design a program that would safeguard patient information. The program would then be evaluated every two years by a certified third party.
Attorney General Lori Swanson banned Accretive from collection activity in 2012 for at least two years and charged Accretive $2.5 million for allegedly deceiving patients, harassing them for money in emergency rooms and mishandling patient data at Fairview and North Memorial hospitals.