Universities that aim to train the leaders of tomorrow´s healthcare industry must do everything in their power to prepare their students for the many challenges that they will face during their educational and professional lives. […]
The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules must be adhered to by all covered entities and their business associates, hence it is particularly important for nurses to clearly […]
The healthcare sector in the United States faces escalating data security challenges due to the increased activity of cybercriminals – particularly since the beginning of the COVID-19 pandemic. Consequently, it may be necessary to commit […]
Who can sue for a HIPAA violation? Unlike the California Consumer Privacy Act (CCPA), there is no private cause of action in HIPAA, so that means a patient cannot sue for a HIPAA breach even […]
During the past twelve months, the number of recorded ransomware attacks against healthcare organizations – particularly small and medium sized practices – has increased significantly. Security experts believe the increase in recorded ransomware attacks is […]
In Illinois Lake County Health Department has revealed that it has been impacted by two separate data breaches that could have impacted the protected health information (PHI) of approximately 25,000 patients. The initial breach took […]
The vast majority of entities covered by the Health Insurance Portability and Accountability Act (HIPAA) provide regular training to employees on their responsibilities under HIPAA, and employees are diligent and take care not to violate […]
Due to the volume of federal, state, and international privacy regulations, it is understandable some businesses may be uncertain about whether you can ask for proof of COVID-19 vaccination status. The short answer to the […]
The HIPAA breaches reported during April 2021 show a huge increase in the number of data breaches recorded from January to April 2021 compared with the same period in 2020. The amount of HIPAA breach […]
Introduced on September 1, 2012, Texas House Bill 300 (HB 300) expands the existing privacy requirements of the Texas Medical Records Privacy Act to any individual or organization that has access to the Protected Health […]
Four new zero-day vulnerabilities in Microsoft Exchange Server versions 2013, 2016, and 2019 have been discovered by the U.S. National Security Agency (NSA). These versions of Microsoft Exchange Server must be patched as soon as […]
On January 28, 2021 malware was discovered on databases holding private patient at the data La Clinica de la Raza in Oakland, CA. The clinic is now getting in touch with a range of patients to […]
Booking.com has been penalised and fined to the tune of €475,000 ($560,000) after being found guilty of failing to report a data breach within the time period set down by the European Union’s General Data […]
Although the text of HIPAA contains only one reference to passwords, there are several other areas of the Act in which it is inferred HIPAA password requirements exist. For example, under the Technical Safeguards of […]
The value of providing healthcare students with Health Insurance Portability and Accountability Act (HIPAA) training cannot be underestimated as it can prevent serious data breaches from occurring while also increasing the employability of the individuals […]
In any healthcare or healthcare insurance organization it is crucial anyone who comes into contact with patient data is fully aware of what is defined as Protected Health Information (PHI) under HIPAA to ensure they […]
Most HR managers will be aware that if the organization operates a self-funded health insurance plan which is also self-administered, employees with access to protected health information (PHI) are required to undergo HIPAA training. HIPAA […]
Any entity found to have violated the Health Insurance Portability and Accountability Act (HIPAA) Rules can face massive financial penalties and administrative sanctions. For this reason it is crucial for employees to have an in-depth […]
Law firm DLA Piper has published a report that shows European Union-based businesses paid fines totalling €272.5m ($329m) for an extensive list of breaches of the General Data Protection Regulation (GDPR) since it was first […]
Trying to come up with a definitive answer to the question ‘Who Enforces HIPAA?’ can bring up two very different answers. On one hand there are the official bodies and agencies that are charged with […]
It is crucial that all members of staff at a HIPAA governed entity are completely aware of their obligations under the data privacy legislation – if not it could lead to financial penalties for the […]
Every HIPAA-covered entity must conduct HIPAA training on an ongoing basis to ensure that all employees know what they must do to avoid a HIPAA breach occurring. Equally important as conducting the training is choosing […]
Roper St. Francis Healthcare has made contact with 189,761 patients to make them aware that a portion of their protected health information was included in the staff employee email account to which access was illegally […]
Following a preliminary judgement released by the Data Protection Commission (DPC) in Ireland, which has been shared with other European Union-based data protection regulation bodies for further review, WhatsApp may be sanctioned with a penalty […]
With the passing, in November 2020, of the California Privacy Rights Act, came a range of new obligations for businesses operating in the State. They must now move swift to make sure that every member […]
The General Data Protection Regulation (GDPR) became enforceable on May 25 2018 and brought with it a number of rules that could, if broken, may result in the sanctioning of heavy fines. One sector where […]
The European Court of Justice is considering issuing a ruling that will allow a complaint in relation to the General Data Protection Regulation (GDPR) to be heard by the the data protection authority in any […]
Telehealth is an area that is very important to pay particular attention to when addressing the Health Insurance Portability and Accountability Act (HIPAA) compliance so it is important to be aware of the many different […]
An update on the Departments of Health and Human Services’ (HHS) Office for Civil Rights (OCR) breach portal has revealed that a previously-employed contract staff member may have illegally accessed the medical records of a […]
In the third quarter of 2020, an alert was released for the healthcare and public health sector in the aftermath of a spike in ransomware activity being identified. The joint CISA, FBI, and HHS cybersecurity […]
Due to the end of the Brexit transition period on January 1 2021, the United Kingdom was dues to be designated as a ‘third country’ in relation to the the European Union’s General Data Protection […]
With the Brexit transition period coming to an end there are a number of important considerations for companies in the United Kingdom to review in relation to the appointment of a General Data Protection Regulation […]
Healthcare groups and their business associates that want to transmit share protected health information must do so in line with the HIPAA Privacy Rule, which restricts the potential uses and disclosures of PHI, but de-identification […]
In France the data protection regulator, Commission nationale de l’informatique et des libertés (CNIL), has penalised French retail giant Carrefour more than €3m ($3.7m) in relation to a number of breaches of the European Union’s […]
The U.S. National Security Agency (NSA) has issued a cybersecurity advisory warning Russian state-sponsored hacking groups are targeting a vulnerability in VMWare virtual workspaces used to support remote working. The flaw, tracked as CVE-2020-4006, is […]
In a busy day for the French Data Protection Authority CNIL, it was announced on Thursday that e-commerce giant Amazon had been fined €35m for a breach of the European Union’s General Data Protection Regulation […]
In France, the data protection regulatory authority CNIL has sanctioned Google with its largest General Data Protection Regulation financial penalty to date, €100m, in relation to a breach of the GDPR legislation which governs the […]
It has been revealed in the United Kingdom recently that a special task force, the Digital Markets Unit (DMU), will be established in order to ensure that large Internet-based companies can be properly policed, including […]
University of Minnesota Physicians has been hit by a cybercriminal attack that result in access being gained to the email accounts of two members of staff. One corporate email account was rendered accessible from the […]
In Canada Minister of Innovation, Science and Industry Navdeep Bains has introduced the proposed Digital Charter Implementation Act, 2020 which aims to bring the framework up to date for the security of private data in […]
Listed here is a summary of some of the most significant HIPAA breach cases that have lead to settlement agreements with the Department of Health and Human Services’ Office for Civil Rights (OCR). We have […]
In the United Kingdom the Information Commissioner’s Office (ICO) has applied a fine of £1.25million against Ticketmaster UK Limited as a result of the company being found to be neglecting their duty to maintain its […]
In California the California Privacy Rights Act (CPRA) ballot initiative has been passed after winning the approval of 56% of votes. This means that Californiance Consumers Privacy Act will be amended to incorporate additional rights […]
Following claims of breaches of federal and state legislation, linked to a data breach involving the protected health information of 9,700 customers of two ShopRite supermarkets in Millville, New Jersey and Kingston NY, Wakefern Food […]
HIPAA compliance is already provided by Amazon for its cloud platform AWS and the group is aiming to increase the use of the Alexa voice recognition technology within the healthcare sector. There is great potential […]
Microsoft have made a new patch available to address a critical remove code execution flaw in the Microsoft Windows Transmission Control Protocol (TCP)/IP stack. The flaw is related to how the TCP/IP stack manages Internet […]
Amazon Web Services (AWS) is a cloud platform service, a subsidiary of Amazon that includes more than 175 data centers around the world. AWS provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go […]
A third set of proposed modifications to the California Consumer Privacy Act (CCPA) has been released by the California Department of Justice. The California attorney general became authorized to enforce the law on July 1, […]
Anthem Inc. has come to an agreement to settle actions by state attorneys general in different US states in relation to the 2014 78.8 million record data breach. Along with the $48.2 million financial penalty, […]
An alert has been released by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) after a noticeable increase in LokiBot malware activity was recorded in the past eight weeks. LokiBot – also referred […]
The second annual National Insider Threat Awareness Month (NITAM) has been kicked off frequently, and assistance is being provided being made available to emphasize the importance of tackling insider threats. This event is a group […]
The impact of COVID-19 on a global scale can still not be truly estimated and will not be clear for many years to come. Indeed the world has possibly not seen an upheaval like this […]
Another four healthcare suppliers have broadcast HIPAA breach alerts in relation to the Blackbaud ransomware attack and data breach. Just after the Northwestern Memorial HealthCare group revealed that the personal information of 55,983 clients had […]
In California an accusation that the illegal harvesting the biometric data of over 100 million Instagram users has taken place has resulted in legal proceedings being initiated against Facebook, owner of the image sharing social […]
Norton Audubon Hospital has revealed that a HIPAA violation that a patient alleged took place led to the termination of the registered nurse’s employment contract. The nurse in question, Dianna Hereford, initiated a legal action […]
A California federal court legal action alleges that Google has been tracking smartphone users’ app activity without adequate authorization in breach of the California Consumer Privacy Act. The legal action that was filed in the […]
The Federal Bureau of Investigation (FBI) has released a (TLP:WHITE) FLASH alert following a rise in attacks using Netwalker ransomware. Netwalker is a new threat on the ransomware scene, first spotted in March 2020 after […]
A massive phishing campaign which was being operated in 62 countries has been taken down by Microsoft. First spotted by Microsoft’s Digital Crimes Unit (DCU) in December 2019, this particular phishing campaign was trying to […]
Currently, there is no private cause of action in HIPAA, so a patient cannot take a legal action for a HIPAA violation. Even if HIPAA Rules have clearly been breached by a healthcare provider, and […]
The General Data Protection Regulation (GDPR) became active on May 25 2018. This short article will look into how GDPR impacts the Insurance Industry. Specialised consideration of the new Regulation is vital due to the […]
Following mediation talks, there has been an agreement to a proposed settlement between Grays Harbor Community Hospital and Harbor Medical Group and the representative plaintiff in a proposed class action lawsuit connected to a June […]
Several security flaws have been discovered in the remote access system, Apache Guacamole, a system which has been implemented by many companies to allow administrators and employees to access Windows and Linux devices remotely. The […]
According to the terms of the GDPR, a small business is one that employs less than 250 and is not expected to meet some of the more stringent stipulations of the legislation. Small Business GDPR […]
Because HIPAA was enacted a number of years prior to the evolution of social media platforms, there are no provisions specifically addressing social media networks and PHI in the HIPAA text. However, this does not […]
Due to an alleged failure to put in place appropriate security measures to safeguard protect personal information, online design marketplace Minted Inc. is facing a class action lawsuit for breaching the California Consumers’ Privacy Act. […]
A bipartisan group of Senators have introduced a bill dedicated to securing contact tracing and exposure notification apps that will be implemented to manage the spread of COVID-19. One of three bills introduced, the Exposure […]
Groups that are hit by a ransomware attack may be tempted to pay the ransom to reduce downtime and save on recovery costs, but a survey conducted by Sophos suggests organizations that pay the ransom […]
The challenge for business start-ups to successfully navigate their first couple of years in business is tricky enough without having to worry about investing additional time ensuring that they are 100% compliant for data privacy […]
Using a HIPAA compliance guide will put you in a position to ally your group and your business associates to gain a proper understanding of the requirements associated with the Health Insurance Portability and Accountability […]
Last week a group of four four Republican Senators revealed that they are proposing federal privacy legislation that will establish rules in relation to the collation and use of personal information during the Coronavirus pandemic. […]
The California Privacy Rights Act (“CPRA”), an Act that was drafted to address some of the supposed shortcomings of the recently introduced Californian Consumers’ Privacy Act (CCPA), has moved closer to a reality as advocates […]
Due to the COVID-19 Pandemic, many groups have have to quickly set up remote working capabilities for their staff. As a result of this there has been increased potential for cybercriminals to initiate campaigns. Remote […]
The National Security Agency has release cybersecurity guidance for teleworkers to help enhance security when staff are working remotely. The guidance has been made available primarily for U.S. government employees and military service members, but […]
Stockdale Radiology in California has revealed that patient privated data has been compromised due to a ransomware attack that took place on January 17, 2020.An internal review confirmed that the hackers gained access to patients’ […]
California Attorney General Xavier Becerra has released a statement, reminding Californians of their rights in relation to their privacy, which further emphasized his office’s commitment to stick to the July 1 2020 enforcement date for […]
It has been announced that the Department of Health and Human Services (HHS) will be easing the sanctioning of penalties in relation to specific data privacy breaches during the COVID-19 pandemic. The Notice of Enforcement […]
Zoom, a video conferencing software application that has experienced explosive growth due to the social distancing measures introduced globally during the COVID19 crisis, has had a class action lawsuit filed against it in the Northern […]
Following the declaration of a state of emergency by California Governor Gavin Newsom in a bid to stem the surge of COVID-19, trade associations have issued a plea to have CCPA enforcement suspended until 2021. […]
It is important to remember that, despite the wide-reaching and deep impact the the COVID-19 pandemic, the rights of individuals to have their protection respected are as important and relevant as ever. In recent weeks […]
Chief Information Security Officer for the World Health Organization Flavio Aggio has revealed that there has been a massive increase in the amount of cyber-attack registered against his group since the COVID-19 Pandemic began. When […]
In Sweden, the Data Protection Authority (DPA) has taken the decision to sanction a 75 million kronor (US$8 million) General Data Protection Regulation Penalty in relation to a “failure to comply”. This step was taken […]
As it typically the case when large-scales global events take place, the COVID 19 Coronavirus pandemic has resulted in cybercriminals attempting to use the situation to target unsuspecting individuals and companies as they attempt to […]
Hackers, spammers and cybercriminals are always leveraging current events to try and target susceptible Internet, SMS and email users and the coronavirus COVID 19 is no different. In the United States an alerts has been […]
The Lake Success, NY-located home health company, Personal Touch Home Care (PTHC), has begun contacting clients to advise them that a ransomware attack on its Wyomissing, PA-based IT vendor, Crossroads Technologies Inc. may have resulted […]
The California Consumer Privacy Act (CCPA), which became enforceable on January 1 2020 has resulted in may Californian-based businesses struggling to ascertain what they must do to achieve compliance with the new legislation. In addition […]
The amount of data breaches that were conducted globally in 2019 was more than in any other previous year, coming in at a total of 7,098 detected breaches. While this might be seen as just […]
Sports retailer Decathlon, which has outlets in 49 countries globally, has reported a data breach that impacted 123 million records which incorporated unencrypted passwords. The breach was first noticed by VPNmentor on 12 February, and […]
Since it became enforceable on May 25 2018 the European Union’s General Data Protection Regulation (GDPR) has has wide-reaching effects on the data privacy of Internet Browsers as it seeks to ensure that it always […]
In Ireland the Data Protection Commission has become the latest data protection authority in the European Union to instigate an enquiry into the data processing that is being carried out by online dating service Tinder […]
The HIPAA password requirements list the procedures must be established in order to successfully and safely create, amend and protect passwords unless a different, equally-effective security measure is put in place. We suggest the best […]
In California a state senator in California is submitting proposed legislation which would allow for greater direct supervision in relation to direct genetic testing companies to the consumer. Santa Ana Democratic Senator Thomas Umberg has […]
A newly-published report from the ransomware incident response outfit Coveware indicates that payments completed by ransomware victims grew noticeably during Q4, 2019. The average ransomware payment grew by 200% during Q4, as two of the […]
Experts at TechCrunch have discovered a security flaw in a website hosting an internal customer relationship management system used by the clinical laboratory network LabCorp. While the system was password protected, the experts discovered found […]
Since it was introduced on May 25 2018, €114m in fines and more than 160,000 General Data Protection Regulation (GDPR) data breach notifications have been registered by data protection authorities in the European Union, with […]
An advisory has been released by California Attorney General Xavier Becerra reminding consumers of their new rights under the California Consumer Privacy Act (CCPA), which became enforceable January 1 this year. In the advisory Becerra […]
As the number of medical professionals using personal mobile devices to communicate and collaborate on patient concerns increases it becomes more and more important to ensure that healthcare groups address the use of technology and […]
The FBI has released a TLP:Amber alert as a reaction to a number of cyberattacks involving the ransomware strainsLockerGoga and MegaCortex. The threat actors employing these ransomware variants have been focusing on large enterprises and […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) has revealed a $65,000 HIPAA violation settlement has been agreed with West Georgia Ambulance, Inc., to address multiple breaches of Health Insurance Portability […]
From today the Californian Consumer Privacy Act becomes enforceable, state-level legislation that obligates companies to alert users of the intent to monetize their data, and give them a simple way of opting out of this. […]
A Colorado IT company that dedicates itself providing managed IT services to dental clinic has been infiltrated with ransomware. Via the company’s systems, over 100 dental clinics have also been targeted and have had ransomware […]
Copyright © 2023 ComplianceJunction