Anchorage Community Mental Health Services has agreed to settle with the Department of Health and Human Services to resolve potential violations of the HIPAA Security Rule arising from the breach of electronic protected health information (ePHI) concerning 2,743 patients.  The breach was caused by malware on Anchorage’s network.  Anchorage will pay HHS $150,000 and revise its data security policies and procedures to comply with the Security Rule.