Recent HIPAA News
-
Managed services provider (MSP) CGuilbert Technologies based in Milwaukee, WI provides managed IT solutions to the healthcare and education industries. It recently confirmed taking the needed steps to be in compliance with the HITECH Act [...]
-
Microsoft was cautioned about the exploitation in the wild of two zero-day vulnerabilities in Microsoft Exchange Server. It has discussed mitigations prior to the patching of the vulnerabilities. The two vulnerabilities are being linked together [...]
-
Magellan Health has decided to resolve a class action data breach legal action and will set up a $1.43 million funding to pay for claims submitted by patients impacted by the data breach. Patients whose [...]
-
A warning was released to the healthcare and public health (HPH) community regarding a Monkeypox phishing campaign attacking U.S. healthcare providers that tries to steal Office 365, Outlook, and other email account credentials. Monkeypox is [...]
-
The HHS’ Office for Civil Rights (OCR) has made a decision to settle three investigations of dental practices for probable violations of HIPAA Right of Access . The three investigations were started after patients filed [...]
-
Google Meet is an innovative VoIP and videoconferencing program that healthcare providers can use to deliver telehealth services, remote consultation services, and virtual patient sessions. However, is Google Meet compliant with HIPAA? Google Meet is [...]
-
For three months now, the reported number of healthcare data breaches has gone down. August had 49 reported breaches involving 500 or more records, which is below the typical 58 breaches a month. The number [...]
-
The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has informed 38,765 patients about the potential compromise of some of their protected health information (PHI) in a cyberattack that happened approximately on July 11, 2022. [...]
-
The Ohio law company, Bricker & Eckler LLP, decided to resolve a class action data breach lawsuit filed on behalf of those impacted by a ransomware attack on the company in 2021. Bricker & Eckler [...]
-
The Federal Bureau of Investigation (FBI) has released a TLP:WHITE Private Industry Notification notifying about persistent cybercriminal efforts attacking healthcare payment processors that endeavor to direct victim payments to accounts controlled by the attackers. These [...]
-
Ambry Genetics has made a decision to settle a class action lawsuit that was due to a breach of the protected health information (PHI) of 232,772 patients. In April 2020, Ambry Genetics informed patients about [...]
-
The Federal Bureau of Investigation (FBI) has given a private industry notification alert concerning the growing number of vulnerabilities in healthcare devices. When medical devices aren’t immediately patched and are operating on obsolete programs, malicious [...]
-
Emerging technologies could transform the healthcare sector. Although there are lots of potential advantages, these technologies could bring risks that can endanger patient privacy and security. When vulnerabilities aren’t appropriately dealt with, threat actors can [...]
-
Rapid 7 researchers found four vulnerabilities in Baxter and Sigma Spectrum infusion pumps. These devices are employed to supply patients with medications and nutrition. These TCP/IP enabled-devices are typically linked to healthcare networks. Vulnerabilities can [...]
-
RabbitSign based in Palo Alto, CA. is now certified by Compliancy Group’s compliance specialists as providing a free-to-use, unlimited e-signing solution that is compliant with the HIPAA Rules. RabbitSign was created at the time of [...]
-
The healthcare provider based in Morristown, VT, Lamoille Health Partners, is dealing with a class action lawsuit because of a ransomware attack in June 2022 that impacted approximately 60,000 patients. Lamoille Health Partners discovered the [...]
-
The HHS’ Office of Inspector General (OIG) has required the Health Resources and Services Administration (HRSA) to enhance supervision of the cybersecurity of the Organ Procurement and Transplantation Network (OPTN). The OPTN is a nationwide [...]
-
Five vulnerabilities were found in CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor of Contec Health. A threat actor could exploit the vulnerabilities to carry out a denial-of-service attack, gain access to a root shell, [...]
-
CorrectHealth Notifies 54,000 Patients About the Email System Breach in November 2021 CorrectHealth based in Alpharetta, GA is sending notifications to patients regarding a breach of its email accounts. The security breach was identified on [...]
-
The Health Sector Cybersecurity Coordination Center (HC3) is alerting the healthcare and public health sector (HPH) regarding one of the ablest and hostile cybercrime syndicates presently active – Evil Corp. The group works from Russia [...]
-
Avamere Holdings based in Wilsonville, OR, a provider of home health care services and operator of a nursing home, is dealing with a class action lawsuit due to a serious data breach that impacted 96 [...]
-
EmergeOrtho, an orthopedic practice in North Carolina, has just informed 75,200 patients that unauthorized individuals accessed some of their protected health information (PHI). As per the substitute breach notice posted by EmergeOrtho, the practice detected [...]
-
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released an alert to the Healthcare and Public Health Sector (HPH) regarding a fairly new ransom threat group named Karakurt, which [...]
-
Humana & Cotiviti have decided to resolve a class action lawsuit and the claims from people impacted by a data breach in 2020 that compromised the protected health information (PHI) of 64,654 people. Humana had [...]
-
Onyx Technologies based in Largo, MD, a company offering Information Technology and Consulting Services and a vendor of Independent Care Health Plan (iCare), recently informed 96,814 health plan members about the potential compromise of some [...]
-
July 2022 had 66 healthcare data breaches affecting 500 and up records reported to the Department of Health and Human Services Office for Civil Rights. This figure is 5.71% less than the 70 data breach [...]
-
A digital marketing and analytics company based in Idaho filed a lawsuit against the Federal Trade Commission for allegedly violating the Federal Trade Commission (FTC) Act with its data practices. Kochava’s principal business unit offers [...]
-
Practice Resources based in Syracuse, NY provides billing and other professional services. It encountered a data breach that affected the data of 942,138 persons. The breach notification provided to the California Attorney General indicated that [...]
-
The health plan provider Priority Health based in Michigan has reported that it was affected by a data breach that occurred at a business associate, the law agency Warner Norcross & Judd (WNJ). Steps were [...]
-
The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a joint security advisory concerning the extensive attack on organizations in the healthcare and medical sectors by the [...]
-
The American Data Privacy and Protection Act (ADPPA) presented in June was considerably revised in just a few days. Then, last month there was a new draft of ADPPA law presented having more changes. The [...]
-
Zenith American Solutions, the Sound Health and Wellness Trust’s third-party manager, recently advised people regarding a mailing error that compromised their Social Security numbers of the people. Based on the breach notification, the company sent [...]
-
Salinas Valley Memorial Healthcare System based in California has decided to negotiate a class action lawsuit by paying $340,000 to settle claims from patients impacted by the email security breach in 2020. From April 30, [...]
-
Additional information was recently published regarding two cyberattacks on healthcare companies: Behavioral Health Group and Goodman Campbell Brain and Spine. Behavioral Health Group Reports Potential Compromise of Patient Data in December 2021 Cyberattack Behavioral Health [...]
-
Dental Care Alliance decided to resolve a class action lawsuit filed due to a data breach that affected approximately 1.7 million people. A $3 million fund was reserved to cover claims from persons impacted by [...]
-
Fast Track Urgent Care, an urgent healthcare clinic network in Florida, has announced that the protected health information (PHI) of 258,411 persons was exposed and possibly stolen due to a ransomware attack on PracticeMax, a [...]
-
Meta is dealing with one more class action lawsuit because of the illegal collection and disclosure of health information with no content. The Northern District of California received the filed lawsuit on behalf of the [...]
-
A big data breach was reported that has impacted many healthcare, senior living and rehabilitation centers in Arizona, Oregon, Nevada, Colorado, Utah, and Washington, which are managed by organizations that belong to the group Avamere [...]
-
Almost all Americans are confident regarding their understanding of cybersecurity as per the latest AT&T study of 2,000 People in America. Nevertheless, bad cyber hygiene and poor password strategies remain a usual thing. OnePoll performed [...]
-
Cybercriminals are increasingly attacking business associates of HIPAA-covered entities because of the ease of accessing the systems of a number of healthcare providers. To help healthcare delivery organizations (HDOs) manage the situation, the Cloud Security [...]
-
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released information to assist healthcare companies to be protected against web application attacks. In recent years, web applications have increased in [...]
-
Blue Cross and Blue Shield of Massachusetts (BCBSofMA) has just confirmed that a data breach at a business associate resulted in the exposure of the protected health information (PHI) of a number of its health [...]
-
In June 2022, 70 healthcare data breaches involving 500 or higher records were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR). This number is two less than May and [...]
-
The National Institute of Standards and Technology (NIST) has made updates to its guidance for HIPAA-covered entities on enforcing the HIPAA Security Rule to better secure patients’ personal data and protected health information (PHI). The [...]
-
The Methodist Hospitals Inc decided to resolve a class action lawsuit and allocated a $425,000 fund for claims filed by victims in relation to a data breach in 2019 that impacted about 70,000 patients. The [...]
-
A new Phishing by Industry Benchmarking Report showed that giving security awareness training to the employees considerably lowers risks to phishing attacks. KnowBe4 conducted the study to find out how helpful security awareness training is [...]
-
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has reported that Oklahoma State University – Center for Health Sciences (OSU-CHS) has decided to negotiate a HIPAA investigation arising from the [...]
-
Eric G Piasick D.M.D. has utilized the exclusive HIPAA methodology of Compliancy Group and was certified to be in compliance with the HIPAA Guidelines and the HITECH Act. Under the Health Insurance Portability and Accountability [...]
-
Health Aid of Ohio has decided to resolve a class action lawsuit to handle claims concerning its inability to secure the sensitive personal data of its clients. Health Aid of Ohio based in Parma, OH [...]
-
All Trans Software Inc based in Ramsey, MN, which provides transportation vendors with Non-Emergency Medical Transportation (NEMT) software solutions, is certified to have put in place an efficient HIPAA compliance program according to the Compliancy [...]