The Department of Health and Human Services reduced its fines for violations of HIPAA — the law requiring health care industries to protect customer data, according to a notice this week in the Federal Register. Driving the news: The new rules reduce a maximum fine of $1.5 million to a maximum fine of $250,000.

East River Medical Imaging Says Nearly 606,000 Affected