A former staff nurse, 41-year old Tangela Lawson-Brown from Midway, has been found guilty by a court in Tallahassee of the theft of patient information in order to commit aggravated identity theft and wire fraud, and to steal government funds. Between October 2011...
The San Antonio, TX, Advanced Spine & Pain Center (ASPC) has advised clients of a possible breach that could have affected as many as 8,362 patients. ASPC became aware of a potential violation of ePHI on July 31, 2017 when some clients reported receiving a...
Over the weekend of August 12-13 an individual obtained access to a file server used by Ashland, MI-based Namaste Health Care and installed ransomware software encrypting data including patients’ protected health information. However, prior to the ransomware being...
An unencrypted laptop device has been stolen from the automobile of an staff worker of Bassett Family Practice in Virginia, possible leading to the exposure of the protected health information of the Practice’s clients. It is believed that the device, a laptop...
Chase Brexton Health Care has reported that the group experienced a phishing cyber attack on August 2 and August 3, 2017 and may have affected as many as 16,562 patients. The cyber attack involved multiple phishing emails being delivered to the inboxes of its...
Healthcare organizations often outsource many HIPAA transactions to third-party vendors, yet finding suitable companies that can provide the necessary services can be a time-consuming process. While there is unlikely to be a shortage of companies that could perform...
RiverMend Health, a Augusta, GA-based specialty behavioral health provider has reported an unauthorized person has gained access to the email account of one of its employees after suspicious emails were identified being sent from that employee’s account. The...
A nurse sacked for a HIPAA violation has lost her legal action against the termination of her employment and a subsequent appeal. On May 7, 2013, Dianna Hereford – a Registered Nurse at the Norton Audubon Hospital in Louisville, KY – was assisting a transesophageal...
September 2017 saw a huge increase in the amount of healthcare data breaches, according to the recently released Breach Barometer report from Protenus which shows there was a serious rise increase. The Protenus report examines data violations made known to the...
New ISACA research reveals that a lot more work still needs to be done in information and technology governance. According to the research, cyber security and defenses present the biggest technological challenges to corporate governance. Boards of directors and team...
Another unsecured Amazon S3 bucket used by a HIPAA-covered entity has been found by Kromtech Security. The unsecured bucket was storing contained 47.5GB of medical details relating to around 150,000 people. The medical details contained in the files included blood...
The medical details of in excess of 10,000 patients of a Naperville, IL-based psychiatrist – Dr. Riaz Baber, M.D. – have been located in the basement of an Aurora residence by the female who rented the house from the psychiatrist. The files in question had been kept...
At the beginning of 2014 the HHS proposed a new rule for certification of compliance for health plans which would have required all controlling health plans (CHPs) to complete a range of documentation. This would have shown the HHS that the CHPS were in compliance...
Amida Care, the New York-based not-for-profit community health plan, advised that a possible HIPAA breach may have occurred impacting up to 6,231 of its subscribers. The group provides health coverage and coordinated care to Medicaid subscribers with chronic health...
The U.S. House of Representatives has paased the Internet of Medical Things Resilience Partnership Act, aiming to put in place a public-private stakeholder partnership. This partnership will be charged with developing a cybersecurity framework that can be implemented...
A fax machine used by a Doctor at Grand Rapids, MI, based Spectrum Health System was recently found to contain the PHI of almost 20 patients. The fax machine was bought from resale shop by a local, who found documents were still stored in the memory of the machine....
According to a recent study by MediaPro, a provider of privacy and security awareness training, best practices for privacy and security are still not well understood by 70% of U.S. employees. For the study, MediaPro questioned 1,012 U.S. workers and posed them a range...
Texas orthopedic clinic CoPilot are just now informing their patients that their protected health information may have been exposed in a 2015 CoPilot data breach. In October 2015, an online portal managed by CoPilot Provider Support Services was accessed by an...
A settlement of $264,000 has been agreed with the Vermont Attorney Genera and SAManage USA in relation to the 2016 data breach that resulted in the Social Security numbers of 660 Vermont residents being exposed online. SAManage USA, a technology group that supplies...
A Catholic health system based in Vancouver, WA PeaceHealth, has revealed discovered that a former member of staff had accessed the medical history of almost 2,000 patients without any an adequate work reason. The unauthorized and inappropriate access was found by...
Almost 4,000 people have potentially had their sensitive patient data exposed in Spokane, WA after a laptop computer once used by the Mann-Grandstaff VA Medical Center (MGVAMC) has been reported as missing. The laptop device was paired with a hematology analyzer and...
Nebraska-based CBS Consolidated Inc., operating as Cornerstone Business & Management Solutions, completed a routine audit of system logs on July 10, 2017 and discovered a seemingly strange account on their servers. This case further highlights the importance of...
Hacking group TheDarkOverlord, after an apparent period of inactivity, has claimed responsibility for another successful attack on a U.S. healthcare supplier. This time the victim was Mass-based SMART Physical Therapy (SMART PT). The announcement of the data theft...
A HIPAA violation at Mercy Health Love County Hospital may have exposed the private information of in excess pf 13,000 patients in Oklahoma. On June 23, 2017, the health centre found that a member of staff employee had stolen a laptop computer and paper records from a...