- + June 2024 Healthcare Data Breach Report—In June 2024, 47 data breaches of 500 or more healthcare records were reported to the HHS’ Office for Civil Rights (OCR), the fewest number of breache...
- + CISA Issues Alert About Multiple Philips Vue PACS Vulnerabilities—More than a dozen vulnerabilities have been identified in the Philips Vue PACS image management and communication system, including critical vulnerabi...
- + 23andMe Reaches Agreement in Principle to Settle Class Action Data Breach Lawsuit—23andMe has reached an agreement in principle to settle a class action lawsuit that was filed in response to a breach of customer data in 2023. The br...
- + Memorial Sloan Kettering Cancer Center Employees Tricked by Phishing Email—Memorial Sloan Kettering Cancer Center (MSK) has announced that the protected health information of 12,274 individuals has been exposed in a phishing ...
- + ITRC: More Than 1 Billion Individuals Affected by H1, 2024 Data Compromises—The first half of 2024 saw a significant increase in the number of victims of data breaches, according to a recently published H1 Data Breach Analysis...
- + Ransomware Groups’ Data Leak Site Listings Increased by 20% in Q2, 2024—An analysis of ransomware groups’ data leak sites by Reliaquest has shown a marked increase in activity in Q2, 2024, with listings increasing by 20%...
- + Publicly Accessible Database Contained 148,000 Files Related to COVID-19 Testing—An InHouse Physicians database containing 148K files related to COVID-19 testing has been exposed online, and Freudenberg Medical and Fairfax Radiolog...
- + Change Healthcare Ransomware Attack Cost Predicted to Rise to at Least $2.3B in 2024—UnitedHealth Group (UHG) has provided an update on the cost of its response to the February 2024 ransomware attack on Change Healthcare. The total cos...
- + Editorial: Why Cyber Fire Drills are an Imperative for Healthcare—Talk to anyone in healthcare about the concept of “cybersecurity,” and the conversation quickly turns to the prevention of cyberattacks. IT and cybers...
- + Class Action Lawsuit Alleges Pruitt Health Ransomware Attack Due to Negligence—Pruitt Health is facing a class action lawsuit over a 2023 ransomware attack that exposed the protected health information of 56,405 patients. Pruitt ...
- + LivaNova Facing Multiple Class Action Lawsuits Over October 2023 Cyberattack—The Houston, TX-based medical device company, LivaNova, is facing multiple class action lawsuits over an October 2023 cyberattack that exposed the p...
- + SouthCoast Health; Call 4 Health Notify Patients About Cyberattacks—SouthCoast Health and Privia Medical Group in Georgia have notified patients about a cyberattack and data breach that occurred in June 2023. Unauthori...
- + RansomHub Claims to Have Stolen and Leaked 100 GB of Florida Department of Health Data—The Florida Department of Health has confirmed to FOX 35 in Orlando that it is investigating a cyberattack. The attack has affected its Vital Statisti...
- + Patient Data Compromised in Palomar Health Medical Group Cyberattack—Palomar Health Medical Group has warned patients that they may have been affected by an April 2024 cyberattack, and DaVita has learned that tracking t...
- + Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims—Pennsylvania has updated its data breach notification law, narrowing the definition of personal information, adding the requirement to notify the st...
- + Industry Groups Give Feedback on CISA’s Proposed Cybersecurity Reporting Requirements—In April, as required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), the Cybersecurity and Infrastructure Security ...
- + FREE WEBINAR: Healthcare Compliance: Driving Effective Compliance Forward—Are you a HIPAA Officer or do you have responsibility for compliance in your organization? Are you 100% certain that all of your policies and proce...
- + Protected Health Information Stolen in HealthEquity SharePoint Breach—HealthEquity has confirmed a breach of its SharePoint data, which included protected health information. Data breaches have also been reported by Kair...
- + Email Breach Affects 22,000 Ambulatory Surgery Center of Westchester Patients—The Mount Kisco Surgery Center, doing business as the Ambulatory Surgery Center of Westchester in New York, has recently notified 22,139 patients that...
- + Insider Breaches Reported by Providence Mission Heritage Endocrinology & Samaritan Health Services—Providence Mission Heritage Endocrinology and Samaritan Health Services have identified unauthorized access to patient data by former employees. Pr...
- + HIPAA Rules and Regulations—The HIPAA rules and regulations are the standards and implementation specifications adopted by federal agencies to streamline healthcare transactions ...
- + PHI Exposed in Cyberattacks on Gaia Software & Pinnacle Orthopaedics & Sports Medicine Specialists—Gaia Software has disclosed details of a February 2024 cyberattack, Pinnacle Orthopaedics & Sports Medicine Specialists are investigating an April...
- + Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services—SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of Health Services has a...
- + Texas Retina Associates Cyberattack Affects 312,000 Patients—A cyberattack on Texas Retina Associates has affected more than 312,000 patients, Human Technology Inc., has confirmed that patient data has been comp...
- + OSHA Proposes Heat Injury and Illness Prevention Rule—The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has proposed the first federal workplace heat standard to protect ...
- + Seattle Plastic Surgery Practice to Pay $5 Million to Resolve False Review and Illegal NDA Lawsuit—A Seattle, WA, plastic surgery practice has been ordered to pay a financial penalty of $5 million to the Office of the Washington Attorney General to ...
- + HIPAA Transactions and Code Sets Rules—The HIPAA transactions and code sets rules have the objective of replacing non-standard descriptions of healthcare activities with standard formats fo...
- + HIPAA Unique Identifiers Explained—The requirement to adopt HIPAA unique identifiers for individuals, employers, health plans, and healthcare providers was originally included in the te...
- + Heritage Valley Health System Pays $950,000 to Settle Alleged HIPAA Security Rule Violations—The HHS’ Office for Civil Rights (OCR) has agreed to settle alleged HIPAA Security Rule violations with Heritage Valley Health System for $950,000. He...
- + Provider Associations Seek Clarity on Notification Responsibilities for Change Healthcare Breach—CHIME and several healthcare provider associations have written to the Office for Civil Rights (OCR) Director, Melanie Fontes Rainer, seeking greate...
- + Iowa Doctor Pleads Guilty to HIPAA Violations—An Iowa emergency room doctor has pleaded guilty to violating HIPAA by knowingly accessing the medical records of two patients without authorization w...
- + Geisinger: Former Business Associate Employee Unlawfully Accessed PHI of More Than 1 Million Patients—More than one million Geisinger patients are being notified that their protected health information has been unlawfully accessed by a former employee ...
- + May 2024 Healthcare Data Breach Report—There has been a fall in the number of reported healthcare data breaches for the second consecutive month to the lowest monthly total since October 20...
- + Editorial: The Role of Nursing Education in Ensuring HIPAA Compliance—At a recent meeting of the American Association of Colleges of Nursing (AACN), I had a chance meeting with Ryan Coyne , the CEO of ComplianceJ...
- + How Long Does HIPAA Training Take?—The duration of HIPAA training varies depending on the specific needs and roles of the individuals being trained, but for healthcare staff undergoin...
- + Ransomware Group Leaks Data from 300 Million Patient Interactions with NHS—The Russian ransomware and extortion group Qilin has added the data stolen in the attack on Synnovis to its dark web data leak site after the deadline...
- + Texas Judge Vacates OCR’s Website Tracking Technology Guidance—On Thursday, a federal judge in Texas ruled that the guidance issued by the HHS’ Office for Civil Rights on website tracking technologies was unlawful...
- + Sav-Rx Sued Over 2.8 Million-record Data Breach—A class action lawsuit has been filed against A&A Services, a medication benefits management service provider that operates as Sav-Rx, over a data...
- + PHI Compromised in Cyberattacks on South Texas Oncology and Hematology & Highland Health Systems—Patients and employees have been notified about cyberattacks and data breaches at South Texas Oncology and Hematology in Texas and Highland Health Sys...
- + Change Healthcare Starts Notifying Entities Affected by February Ransomware Attack—Change Healthcare has provided an update on the progress made in reviewing the files potentially stolen in its February ransomware attack and has conf...
- + Healthcare Data Breach Statistics—The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services (HHS) Office for ...
- + Cyberattack on Minnesota Radiology Practice Affects 512,000 Patients—The Edina, Minnesota-based radiology services company, Consulting Radiologists, has started sending individual notifications to almost 512,000 patient...
- + Settlement Resolves Adventist Health’s Unlawful Disclosures of PHI to Law Enforcement—California Attorney General Rob Bonta has announced a settlement with Adventist Health Hanford to resolve alleged violations of the Health Insurance P...
- + WEBINAR Today: Healthcare Compliance: Driving Effective Compliance Forward—Are you a HIPAA Officer or do you have responsibility for compliance in your organization? Are you 100% certain that all of your policies and proce...
- + Personal Healthcare Spending in the United States—Personal healthcare spending in the United States averages $11,197 per person according to the latest National Health Expenditure data published by th...
- + Almost 20,000 Aptihealth Patients Affected by Business Associate Data Breach—Data breaches have been announced by the behavioral health engagement company Aptihealth, the civil engineering and architecture firm Wilson & Com...
- + Superior Air-Ground Ambulance Service Facing Class Action Lawsuit Over 858K-Record Data Breach—Superior Air-Ground Ambulance Service is facing a class action lawsuit over a data breach that affected more than 858,000 individuals. Superior Air-...
- + Multifactor Authentication Could Have Prevented 9.7 Million-Record Medibank Data Breach—In 2022, a hacker breached the network of the Australian health insurance provider Medibank, obtained the personal and medical information of 9.7 mill...
- + Cyber Insurance Claims Reached Record High in 2023—Record numbers of cyber claims were filed against insurance policies in North America in 2023, according to a recent analysis by the insurance broker ...
- + DOJ Unseals Criminal HIPAA Charges Against Surgeon Who Exposed Transgender Care at Texas Children’s—The Department of Justice has unsealed the indictment against Eithan Haim, MD, a surgeon turned whistleblower who shared documents with the press abou...
- + More than 1,500 Appointments Cancelled Following Ransomware Attack on NHS Pathology Vendor—At least 1,500 operations and outpatient appointments had to be canceled at two NHS trusts – King’s College Hospital NHS Foundation Trust and Gu...
- + WEBINAR: Healthcare Compliance: Driving Effective Compliance Forward—Are you a HIPAA Officer or do you have responsibility for compliance in your organization? Are you 100% certain that all of your policies and proce...
- + Blackbaud Agrees to $6.75 Million Data Breach Settlement with California—Blackbaud has agreed to pay $6.75 million to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and Californ...
- + Hackers Accessed 53 Los Angeles County Department of Public Health Email Accounts—Hackers conducted a phishing campaign on Los Angeles County Department of Public Health employees, accessed 53 email accounts, and potentially stole t...
- + Email Breaches Reported by Massachusetts and Tennessee Hospitals—McLean Hospital, Delta Specialty Hospital, and FC Compassus have discovered unauthorized access to their email systems and the exposure of patient dat...
- + Patient Data Exposed in Cyberattacks on PruittHealth & Easterseals Central Illinois—PruittHealth has notified patients about a November 2023 ransomware attack and has confirmed that patient data was stolen. Easterseals Central Illinoi...
- + Mobile County Health Department & Special Health Resources Investigating Cyberattacks—Special Health Resources and Mobile County Health Department are investigating cyberattacks and Palomar Health Medical Group has made progress recover...
- + UK & Canadian Data Regulators Investigate 23andMe Over 2023 Data Breach—Data protection regulators in the United Kingdom and Canada have launched a joint investigation of 23andMe over its 2023 data breach that affected a...
- + Lynwood Manor Patients Notified About 2021 Data Breach—CRG Lynwood, LLC, an Adrian, MI-based healthcare provider that operates the Lynwood Manor skilled nursing and rehabilitation center has issued notific...
- + Does HIPAA Apply after Death?—With regards to the question does HIPAA apply after death, the Privacy Rule states: “A covered entity must comply with the requirements of this subpar...
- + Ascension Ransomware Attack: Initial Access Vector and Data Theft Confirmed—Ascension has confirmed that files were exfiltrated from a small number of servers in its recent ransomware attack, and some of those files contained ...
- + More Than 70,000 Adventist Health Tulare Patients Affected by Business Associate Breach—A business associate of Adventist Health Tulare has identified unauthorized access to the information of 70,000 patients, and Columbia University Irvi...
- + High Severity Flaws Identified in MicroDicom DICOM Viewer—Two high-severity vulnerabilities have been identified in MicroDicom DICOM Viewer medical image viewer, one of which could lead to the execution of ar...
- + Snowflake Customers Attacked in Ongoing Extortion Campaign—A financially motivated threat actor tracked as UNC5537 has been conducting a campaign targeting Snowflake customer databases. At least 165 Snowflake ...
- + Microsoft & Google Offering Free and Discounted Cybersecurity Services to Rural Hospitals—Under the Biden administration’s Health Sector Cyber Initiative, Microsoft and Google have committed to providing critical access and rural hospitals ...
- + Security Vulnerabilities identified in VA-OIG Audit of Bedford VA Healthcare System—An audit of Bedford VA Healthcare System in Massachusetts by the Department of Veteran Affairs Office of Inspector General (VA-OIG) identified several...
- + Senators Urge UHG to Issue Notifications About Change Healthcare Ransomware Attack Before June 21—On June 7, 2024, Senators Maggie Hassan (D-NH) and Marsha Blackburn (R-TN) wrote to UnitedHealth Group CEO Andrew Witty urging him to take responsib...
As of 7/27/24 2:48am. Last new 7/20/24 11:12pm. Score: 607
- Next feed in category: JAMA