Patient data was stolen in a hack. Senators say no one told the patients about it

A bipartisan pair of senators accused a major health care firm that was hit by a cyberattack of not complying with federal law that requires patient data breach notifications. The senators demanded that the firm take responsibility for informing patients and health providers about the breach. The Department of Health and Human Services is investigating the firm’s compliance with the law. The cleanup from the cyberattack has been complicated, as it affected the processing of medical claims, causing financial difficulties for health care providers. The CEO of the firm stated that it may take several months to identify and notify those affected by the attack. The incident has highlighted the need for stricter cybersecurity standards in the health care industry.