The protected health information (PHI) of 40,000 people has been exposed following a recent cyberattacks on three separate healthcare providers which focused on employee email…
Most HIPAA Entities ensure exactly what they need to provide new members of staff in relation to HIPAA training when they join the organization. The…
Tt has been revealed that the University of Houston College of Optometry had its databases infiltrated when an unauthorized person obtained access to the network…
Five financial penalties related to HIPAA Right of Access breaches have been sanctioned by the HHS’ Office for Civil Rights (OCR), in line with its…
An individual, a former healthcare worker at New York’s Huntington Hospital, who illegally accessed the PHI in 13,000 patient records is facing a potential criminal…
Any health information manager working for a HIPAA entity will be seeking to ensure that they are doing everything possible to prevent a HIPAA breach…
A cyberattack on the Southern Ohio Medical Center (SOMC) in Portsmouth, OH, resulter in the healthcare facility diverting ambulances to alternative healthcare centers. In addition…
It has been revealed that illegal access of the databases of Baywood Medical Associates, operating as Desert Pain Institute (DPI) in Mesa, AZ, has taken…
It has been discovered by the University Hospital Newark (NY) that the PHI of thousands of patients has been stolen by a former member of…
ReproSource Fertility Diagnostics a Malborough, MA-based clinic has experienced a ransomware attack that allowed cybercriminals to illegally gain access to databases that were holding the…
It has been revealed that the U.S. Vision Inc. subsidiary, USV Optical Inc. suffered a security breach when cybercriminals were able to obtain access to…
Following a highly sophisticated cyberattack, believe to have been managed by a nation state threat actor, the Alaska Department of Health and Social Services (DHSS)…
Due to a a January 2021 cyberattack, USA Waste-Management Resources, LLC has begun getting in touch with a range of internal members of staff and…
It has been confirmed that an unauthorized third party was able to access the network of UNM Health, possibly obtaining access to and downloading files…
A security breach that occurred during June 2021 at Electromed Inc. that involved unauthorized people obtaining access to the groups databases. The New Prague, Michigan…
On June 4, 2021 it was discovered by Manitowoc, WI-based Forefront Management, LLC and Forefront Dermatology, S.C. that unauthorized people had obtained access to…
On June 4, 2021 Forefront Management, LLC and Forefront Dermatology, S.C. discovered that unauthorized access had been obtained to its databases which could have resulted…
A class action lawsuit filed by those impacted in a 2.96 million-record data breach, discovered in 2019, against Dominion National has resulted in a settlement…
Service Employees International Union 775 (SEIU 775) Benefits Group, a benefits administrator for home healthcare and nursing home staff, has been infiltrated by a hacking…
The Department of Health and Human Services’ Office for Civil Rights (OCR) has revealed that a HIPAA breach settlement has been agreed with Peachstate Health…
Recently there has been a lot of discussion in relation to employers asking their staff if they have had their COVID-19 vaccine and whether enquiring…
Health Plan of San Joaquin (HPSJ) has revealed that an unauthorized actor obtained access to its email databases and may have been able to infiltrate…
When it come to HIPAA training and how often it should be scheduled both the HIPAA Privacy Rule and HIPAA Security Rule have training provisions…
It has been discovered that a contractor used by a former vendor of Doctors Medical Center of Modesto (DCM) in California mistakenly breached patient data…
Following a cyberattack in which protected health information was stolen, CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC) is alerting its impacted clients….
Ridgewood, NJ-based Village Plastic Surgery has reached a HIPAA settlement agreement with the HHS’ Office for Civil Rights to resolve possible violations of the HIPAA…
A historic data breach which impacted the protected health information (PHI) of 79,100 clients Gore Medical Management, a medical practice firm located in Griffin, GA,…
Hospital must adhere with the HIPAA Privacy, Security, and Breach Notifications Rules and put in place security measure to stop HIPAA breaches. However, even with…
The past 12 months were very year for ransomware attacks on the healthcare sector. One of the worst of these was suffered by the King…
A ransomware attack took place on the Sierra Vista, the Arizona-based ophthalmology and optometry supplier Cochise Eye and Laser on January 13, 2021. This attack…
It has been discovered that an unauthorized individual gained access to the email account of an employee at Grand River Medical Group in Dubuque…
In Ramsey County, MN the County Manager’s Office has begun issuing alerts to 8,687 clients of its Family Health Division ro make them aware that…
University of Michigan associate professor Kevin Fu has been appointed by the U.S. Food and Drug Administration (FDA) as its first director of medical device…
Health insurer provider Excellus Health Plan has agreed to pay a $5.1m penalty with the Department of Health and Human Services’ Office for Civil Rights…
In relation to policing compliance with the Health Insurance Portability and Accountability Act Rules state Attorneys General play a major part. State attorneys general have…
In the latter half of 2020 the joint CISA, FBI, and HHS cybersecurity advisory issued an alert for the healthcare and public health sectors as…
The Department of Health and Human Services’ Office for Civil Rights has released new information in relation to the Health Insurance Portability and Accountability Act…
60,545 subscribers to Tufts Health Plan have had their protected health information infiltrated as result of a phishing attack on the vision benefits management firm…
Dental Care Alliance, LLC, a dental support group with over 320 affiliated dental practices spread across 20 states, has been hacked and the protected health…
Hackers using Ragnar Locker ransomware have increased up their activity and have been focusing on companies and groups in a number of different sectors, according…
The HHS’ Civil Rights Office has publicly acknowledged its 18th HIPAA financial penalty of the year, with the 12th fine under its HIPAA Right of…
An update on ransomware activity targeting the healthcare and public health sectors has been released by the HHS’ Office of the Assistant Secretary for Preparedness…
An additional two hospitals have been impacted by ransomware attacks that have resulted in their computer networks being offline and medics having to use pen…
Universal Health Services has revealed the every one of its 250 United States based hospitals are 100% back in action following a suspected ransomware attack….
PrairieVille is a Magnolia Pediatrics based in LA and is now notifying 12,861 of its patients that a ransomware attack has potentially compromised some of…
A new version of the Security Risk Assessment (SRA) Tool has been released by the Department of Health and Human Services’ Office for Civil Rights….
Bronx, New York based Montefiore Medical Center has dismissed a member of staff in relation to the alleged theft of the protected health information of…
The update to the Security Risk Assessment (SRA) Tool of the Department of Health and Human Services’ Office for Civil Rights (OCR) has been updated…
The discovery of a security flaw IoT device components could allow cybercriminals to illegally obtain valuable private data or use the devices in further cyberattacks….
At the time that the HITECH ACT was passed, 2009, it was referred to as “the most important piece of healthcare legislation to be passed…
Long Island City, NY-located Boyce Technologies Inc, which produces transport communication systems and recently changed its production facilities to provide ventilators for hospitals during the…
In Washington, the House of Representatives has voted to remove the ban on the Department of Health and Human Services using federal funds to create…
The HHS’ Office for Civil Rights has sanctioned a $1,040,000 HIPAA fine on Lifespan Health System Affiliated Covered Entity (Lifespan ACE) following the discovery of…
The HHS’ Office for Civil Rights (OCR) has revealed that a $25,000 settlement has been agreed with Metropolitan Community Health Services to settle breaches of…
What are the civil penalties for knowingly breaching HIPAA laws? What is the highest possible financial penalty for a HIPAA violation and when are fines…
The HHS’ Office for Civil Rights (OCR) has revealed that a $25,000 settlement has been agreed with Metropolitan Community Health Services to settle breaches of…
The Senate Health, Education, Labor, and Pensions (HELP) Committee is pondering which of the 31 recent amendments to telehealth policies should remain in place when…
When patients suffer from an infectious respiratory disease like COVID-19, the immune system creates antibodies that put in place protection if the pathogen is another…
The HIPAA regulations for SMS do not specifically rule out the implementation of a “Short Message Service” to share Protected Health Information (PHI), but they…
Healthcare provider Aveanna Healthcare is facing a potential class action lawsuit in relation to a data breach that took place during 2019 which impacted 166,000…
The Healthcare Insurance Portability and Accountability Act states that a person (or persons) within a Covered Entity or Business Associate must be given the duties…
In separate incident employees based in Michigan and Illinois have been fired from their positions due to their involvement in HIPAA violations. At Ann &…
Management and Network Services (MNS), LLC, a Dublin, OH-located supplier of administrative support services to post-acute healthcare providers, has revealed that the email accounts of…
The Fortune 500 company Magellan Health has announced it experienced a ransomware attack in April that resulted in the encryption of files and theft of…
The protected health information of more than 10,000 patients has been impacted in a phishing attack no the Onamia, MN-based Mille Lacs Health System Phishing…
HIPAA states that covered entities must conduct training for staff to ensure HIPAA Rules and regulations are fully comprehended. As part of this HIPAA training,…
The most recent Patient Record Scorecard Report from Ciitizen has shown that there has been a welcome improvement in compliance with the HIPAA Right of…
Compliancy Group has revealed that Safe Partner Inc. has been able to show the establishment of a strong HIPAA compliance program and has successfully completed…
Connecticut -based Saint Francis Healthcare Partners is contacting 38,529 patients to make them aware that some of their protected health information may have been obtained…
A HIPAA business associate agreement (BAA) is contract between a HIPAA-covered entity and a vendor that is providing a service to that covered entity. They…
The HHS’ Office for Civil Rights (OCR) has released guidance to healthcare providers to reinforce the point that the HIPAA Privacy Rule forbids media and…
Breaches of HIPAA often occur due to a lack of comprehension of HIPAA requirements, particularly in relation to healthcare workers breaching the data privacy legislation….
A completed HIPAA release form must be handed over by a patient before their protected health information can be disclosed to other individuals or groups,…
On February Patch Tuesday, 2020, Microsoft made available a patch for a critical flaw the impacts Microsoft Exchange Servers which could possibly be targeted by…
The Sparks, NV orthodontics practice, Andrews Braces suffered a ransomware attack on February 14, leading to the encryption of patient data. A resulting investigation determining…
Stockdale Radiology in California has revealed that patient data has been impacted due to a ransomware attack thsat occurred on January 17, 2020. An internal…
Washington University School of Medicine making 14,795 oncology patients aware that some of their PHI may have been impacted in a phishing attacking during January…
The McHenry County Health Department in Illinois has been refusing to hand over the names of COVID-19 patients to 911 dispatchers to safeguard the privacy…
The HHS has released a Notice of Enforcement Discretion covering healthcare suppliers and business associates that participate in the operation of COVID-19 community-based testing centers….
“HIPAA Certification” is not an officially-recognized qualification to indicate that a Covered Entity or Business Associate is HIPAA compliant. It is just a certificate indicating…
The Georgia Department of Human Services has revealed that employees in Augusta, GA improperly shared of confidential case files that geld the healthcare records of…
This article looks into the 10 of the most common HIPAA violations. It should be remember that, in a lot of instances, investigations have found…
The Department of Health and Human Services announced, n April 2, 2020, that it will from here on be exercising enforcement discretion and will not…
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has released additional guidance on HIPAA and COVID-19, the disease caused by…
After the initial announcement from the HHS’ Office for Civil Rights that enforcement of HIPAA compliance in relation to the good faith provision of telehealth…
During February there were 39 healthcare data breaches of 500 or more records reported and 1,531,855 records were breached, which is the same as a…
Stephan C Dean, the co-owner of the California record storage company Surefile, reported a hacking/IT incident to the HHS’ Office for Civil Rights (OCR) on…
Recent reports have indicated that the World Health Organization has been impacted by a spate of cyber attacks where web pages have been established to…
On August 21, 1996 then US President Bill Clinton added his signature to the Health Insurance Portability and Accountability Act and HIPAA was passed into…
The Minnesota-based senior care treatment LifeSprk is making contact 9,000 of its clients that some of their protected health information was possibly breach due to…
It has been identified that an employee of Hawaii Pacific Health at Straub Medical Center in Honolulu has been snooping on the medical records of…
The best practices for cyber threat information sharing has been published by the Healthcare and Public Health Sector Coordinating Council (HSCC). This new information is…
The HHS has put together a Request for Information (RFI) to identify how HIPAA Rules are hindering patient information sharing and creating boundaries for healthcare…
The Department of Health and Human Services’ Office for Civil Rights (OCR) has made public the first HIPAA penalty of 2020. The medical practice of…
The evolution of technology has made it easier and easier for professionals within the healthcare sector. However, in tandem with this growth so has grown…
Healthcare data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil Rights at a rate…
NRC Health, a supplier of patient survey services and software to over 9,000 healthcare group, including 75% of the biggest hospital networks in the United…
The term PHI a reference that normally refers to healthcare data, but what does PHI refer to, and what data is the subject of the…
A Department of Health and Human Services’ Office of Inspector General (OIG) audit has found that a number of pharmacies and other healthcare providers are…
The HIPAA Breach Notification Rule States that data breaches of 500 or greater records to be made known to the Secretary of the Department of…
