ATI Physical Therapy has found that protected health information of over 35,000 of its clients may have been accessed when hacker captured details within the email accounts of some of its staff members. A security breach was found on January 18, 2018 when ATI Physical...
A New York medical practice has revealed that tens of thousands of their patients have had their protected health information exposed online due to an improperly configured server. It is currently not obvious if anyone other than the security researcher who found the...
It is believed that healthcare data breach that saw the protected health information of clients of CVS Caremark impacted has lead to legal action against CVS, Caremark, and its mailing supplier, Fiserv. The legal action, which was submitted in Ohio federal court on...
Geneva, NY-based Finger Lakes Health has been hit by a ransomware attack that has impacted its computer system. Employees have been forced to work on pen and paper while the health system tries to remove the malware and restore access to electronic data. The...
A Clinical Pathology Laboratories Southeast, Inc., (CPLSE) employee’s unencrypted work laptop computer has been stolen, exposing the protected health information of targeted patients and their payment guarantors. Swift action was taken by CPLSE to stop the...
Healthcare groups seeking a hosting solution may identify Liquid Web as a possible vendor, but is Liquid Web HIPAA compliant? Can its cloud management services be used by HIPAA-covered bodies for hosting applications and projects that include electronic protected...
Anomali has teamed up with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be supplying threat intelligence to healthcare groups through NH-ISAC. Anomali will be supplying NH-ISAC with the necessary tools and infrastructure to allow its...
RoxSan Pharmacy has made contact with 1,049 patients to advise them that some of their protected health information has been shared with to a business associate via unencrypted email. The notification letters were issued to affected people last month, although the...
Primary Health Care Inc., a non-profit network of community health oganizations based in Des Moines, Marshalltown and Ames, IA, has found that malicious actors have obtained access to the email accounts of four staff members and have possibly viewed or gained...
The Alabama Data Breach Notification Act (Senate Bill 318) has progressed to be considered by the House of Representatives after being unanimously agreed upon by the Alabama Senate recently. Alabama is one of the final two states that still has to bring in laws which...
It has been discovered that an electronic device, used to record the signatures of clients, has been disposed of without first clearing the device of all saved protected health information at a ShopRite pharmacy in Millville, New Jersey A small amount of protected...
Wisconsin-based provider of medical, laboratory, pharmacy, fitness, and physical therapy services QuadMed has discovered that PHI 5,305 clients may have been impermissibly disclosed to certain members of staff. In November 2013, QuadMed took over management of an...
The PHI of 33,420 people of BJC Healthcare has been accessible by the public online for eight months with no requirement for authentication to see the data. BJC Healthcare is one of the biggest not-for profit healthcare systems in the USA. The St. Louis-based...
To refer to texting as a violation of HIPAA is not strictly correct. Depending on the body copy of the text message, who the text message is being shared with, or mechanisms put in place to safeguard the integrity of Protected Health Information (PHI), texting can be...
A $575,000 settlement with the New York Attorney General has been agreed by by EmblemHealth following a 2016 mailing error that saw the Health Insurance Claim Numbers of 81,122 clients printed on the outside of envelopes. New York Attorney General Eric T. Schneiderman...
The U.S. Office of Personnel Management (OPM) Office of the Inspector General Office of Audits (OIG) has released a Flash Audit Alert claiming Health Net of California has refused to adhere with a recent security audit. Health Net supplies benefits to federal workers,...
St. Peter’s Surgery & Endoscopy Center in New York has been hit by a malware infection which could have allowed hackers to access medical records of up to 135,000 patients. This is the second biggest healthcare data breach of 2018, so far, and the largest to be...
The most recent release of the Protenus Healthcare Breach Barometer report has been released. Protenus reports that in total, at least 473,807 patient records were accessed or stolen in January, although the number of people affected by 11 of the 37 breaches is not...
A ransomware attack on Jemison Internal Medicine of Alabama on December 20, 2017 lead to electronic health records being encrypted, disabling access to the patient data for the healthcare provider. A ransom demand was sent for the keys to disable the encryption...
A recent report published in the Post and Courier revealed that the Medical University of South Carolina (MUSC) fired 13 employees last year for violating HIPAA Rules by prying on patient records. Overall, there were 58 privacy breaches in 2017 at MUSC, all of which...
HIPAA Compliance Checklist 2018-2019 If your group manages electronic Protected Health Information (ePHI), the best thing for you to do is to carefully consider all of the information included here in our HIPAA compliance checklist 2018-2019. The purpose of our HIPAA...
White and Bright Family Dental has found that one of its data servers storing patients’ private data has been hacked. Access to the Fresno, CA-based server was obtained by the hackers on January 30, 2018. The Fresno Police Department was quickly made aware of the...
Around 1,900 people who were treated by the University of Virginia Health System are being contacted to be made aware that a hacker has gained access to their medical information using a malware infection. The malware in question had been loaded onto the devices in...
