HIPAANews
Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field.
Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile: https://www.linkedin.com/in/pkkennedy/
by Patrick Kennedy | Jan 11, 2018 | HIPAA News
The Agency for Health Care Administration in Florida has found that an unauthorized individual obtained access to a single email account due to a member of staff beign tricked by phishing scam. The member of staff received and responded to the malicious phishing email...
by Patrick Kennedy | Jan 10, 2018 | HIPAA News
1,128 patients’ protected health information has potentially been viewed after an unauthorized individual gained access to the Compassionate Care Hospice Las Vegas (CCHLV) network and server. The breach occurred on October 28, 2017, CCHLV was alerted that its network...
by Patrick Kennedy | Jan 9, 2018 | Cybersecurity, HIPAA News
The findings of an audit of the North Carolina State Medicaid agency by The Department of Health and Human Services’ Office of Inspector General (OIG) have been published in a new report. The report indicates that the State agency has failed to put in place sufficient...
by Patrick Kennedy | Jan 8, 2018 | HIPAA News
Kaiser Permanente has suffered a couple of security incidents which filed with the Department of Health and Human Services’ Office for Civil Rights (OCR). Overall, in excess of 5,000 people have been affected by the data violations. The HIPAA breaches impact clients...
by Patrick Kennedy | Jan 6, 2018 | HIPAA News
It has been discovered that a former member of staff at SSM Health has been accessing the health records of patients without any valid work reason for doing so for roughly eight months. The former health worker was employed in the St. Louis, MO-based not-for-profit...
by Patrick Kennedy | Jan 5, 2018 | HIPAA News
A former employee of Emory Healthcare (EHC) has been found to have obtained the protected health information of 24,000 EHC patients and shared the data to a Microsoft Office 365 OneDrive account, from where it could possibly be downloaded by other people. The former...
by Patrick Kennedy | Jan 4, 2018 | HIPAA News
Longs Peak Family Practice (LPFP) in Colorado has found that an individual gained access to its systems and encrypted files using ransomware last November. The family and sports medicine practice based in Longmont CO, found suspicious activity on its network on...
by Patrick Kennedy | Jan 3, 2018 | HIPAA News
A cyberattack, causing unexpected downtime, has been discovered at The University of Rochester Medicine’s Jones Memorial Hospital in Wellsville, NY. The attack is thought to have started on Wednesday December 27 and has lead to disruption to some of its information...
by Patrick Kennedy | Dec 30, 2017 | HIPAA News
The Colorado Mental Health Institute at Pueblo has found that one of its staff members has been tricked by a phishing scam that possibly allowed the attacker to gain access to the protected health information of around 650 patients. A 449-bed hospital providing...
by Patrick Kennedy | Dec 29, 2017 | HIPAA News
A Reno-based dental practice in has been hit by a ransomware attack that denied access to dental records and images for five days. The malicious software was installed, during a ransomware attack on October 30, on one computer and one server at the Wager Evans Dental...
by Patrick Kennedy | Dec 27, 2017 | Cybersecurity
Almost 10,000 patients of Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska have been impacted by a ransomware attack. The ransomware attack was carried out on October 7, 2017 and hit a large amount of files on some servers being encrypted...
by Patrick Kennedy | Dec 21, 2017 | HIPAA News
The protected health information of 1,750 patients of Austin Manual Therapy (AMT) may have been accessed and stolen by a criminal who gained access to the group’s system. A forensic review by a leading national cybersecurity team showed access was initially...
by Patrick Kennedy | Dec 20, 2017 | HIPAA News
Patients of MidMichigan Medical Center (MMC) in Alpena have been warned of a potential breach of their health data. On November 18, a MMC cardiologist took patient files from the Alpena cardiology office without permission. The files were taken to the cardiologist’s...
by Patrick Kennedy | Dec 19, 2017 | HIPAA News
NYU Langone Health System has found that files that included a log of presurgical insurance authorizations, relating to around 2,000 patients, was mistakenly recycled by a cleaning company in October 2017. Data in the binder included names, birth dates, dates of...
by Patrick Kennedy | Dec 18, 2017 | HIPAA News
Two serious breaches of patients’ protected health information have been discoveredd in Texas and Pennsylvania. Email Account Compromised at Midland Memorial Hospital Midland Memorial Hospital has suffered a breach of a a number of patients’ protected health...
by Patrick Kennedy | Dec 17, 2017 | HIPAA News
Many data breaches have been reported by HIPAA-covered entities, involving the loss or theft of physical records, in the past two months. In November, seven violations involving paper records were made known to the HHS’ Office for Civil Rights, and another five...
by Patrick Kennedy | Dec 16, 2017 | HIPAA News
The Oklahoma Department of Human Services experienced, in April 2016, a data breach, and while alerts were sent to affected people and the DHS’ Office of Inspector General shortly after the breach was found, a breach notice was not filed to the HHS’ Office for Civil...
by Patrick Kennedy | Dec 15, 2017 | HIPAA News
UNC Dermatology & Skin Cancer Center has discovered that one of its laptop computers has been stolen, exposing the protected health information of around 24,000 patients. The computer was obtained by unauthorized individuals in a break in on October 8, 2017 at the...
by Patrick Kennedy | Dec 14, 2017 | HIPAA News
Two employees at Chicago’s Sinai Health System have had their email accounts compromised in a recent cyberattack. Sinai Health System reports that the phishing attack happened on October 2, and that it was quickly discovered and mitigated. Access to the compromised...
by Patrick Kennedy | Dec 13, 2017 | HIPAA News
The New Jersey-based Hackensack Sleep and Pulmonary Center, experts in sleep disorders and pulmonary conditions and diseases, has suffered a ransomware attack that in the protected health information of certain clients being encrypted. The ransomware attack happened...
by Patrick Kennedy | Dec 12, 2017 | HIPAA News
Louisville, KY based Baptist Health has contacted 880 patients that some of their protected health information may have been obtained by by hackers. The PHI violation was found on October 3, 2017, when irregular activity was discovered on the email account of an...
by Patrick Kennedy | Dec 11, 2017 | HIPAA News
The Henry Ford Health System has started alerting almost 18,500 patients that some of their protected health information may have been been accessed by an unauthorized person. The breach was found on October 3, 2017 when unauthorized access to the email accounts of...
by Patrick Kennedy | Dec 10, 2017 | HIPAA News
The discovery has been made that the medical records of 769 patients of Lowell General Hospital in Massachusetts have been accessed by an employee without any valid work reason. In accessing the medical details, the employee violated hospital policies and breached the...
by Patrick Kennedy | Dec 9, 2017 | HIPAA News
A provider of mental health treatment and support services for individuals with intellectual and developmental disabilities, Center for Health Care Services (CHCS), has foudn that documents containing the protected health information of patients have been illegally...
by Patrick Kennedy | Dec 8, 2017 | HIPAA News
Paper files with information including names, Social Security details, and medical records, along with details of cancer diagnoses and sexually transmitted diseases (STDs), have been found at a recycling center in Allentown, Pennsylvania. The files seem to have...
by Patrick Kennedy | Dec 7, 2017 | HIPAA News
A breach of patients’ protected health information (PHI) at the UAB Medicine Viral Hepatitis Clinic in Birmingham, AL has been discovered. UAB Medicine uses flash drives to send data from its Fibroscan machine to another computer. On October 25, 2017, two flash drives...
by Patrick Kennedy | Dec 6, 2017 | HIPAA News
ShopRite Supermarkets, Inc., has revealed that some of its clients have been impacted by a security breach following the improper disposal of a device used to record customers’ signatures. The device was stolen from the ShopRite outlet at Kingston, NY between 2005...
by Patrick Kennedy | Dec 5, 2017 | HIPAA News
Sports Medicine & Rehabilitation Therapy (SMART) has made contact with 7,000 patients to advise them of a violation of their protected health information. The breach has have affected all patients whose information was captured while attending a SMART center...
by Patrick Kennedy | Dec 4, 2017 | HIPAA News
Recently published, the second draft of the revised NIST Cybersecurity, Version 1.1 of the Framework, incorporates major changes to some of the current guidelines and many new additions. Version 1.0 of the NIST Cybersecurity Framework was first released during 2014...
by Patrick Kennedy | Dec 3, 2017 | HIPAA News
A HIPAA Administrative Simplification Optimization Project Pilot is being operated by The Department of Health and Human Services is currently inviting volunteers to have compliance audits. The focus of the project is to streamline HIPAA compliance audits for health...
by Patrick Kennedy | Dec 2, 2017 | HIPAA News
Cottage Health will pay $2 million to settle a number of HIPAA violations in relation to state and federal laws. The group, located in Santa Barbara, was reviewed by the California attorney general’s office due to a breach of confidential patient data during 2013. The...
by Patrick Kennedy | Nov 30, 2017 | HIPAA News
A recent report carried out by the Ponemon Institute has emphasized current endpoint security trends, details the ever-present threat from ransomware, and shows that fileless malware cyberattacks are increasing. Annually, endpoint attacks cost the healthcare sector...
by Patrick Kennedy | Nov 30, 2017 | HIPAA News
It has been discovered that an unencrypted laptop has been stolen from one of the employees of Rocky Mountain Health Care Services of Colorado Springs . This is the second such theft incident to be found in the space of just three months. This incident was first...
by Patrick Kennedy | Nov 29, 2017 | HIPAA News
The House Committee on Energy and Commerce has pleaded with the HHS to move forward on all recommendations for medical device security proposed by the Healthcare Cybersecurity Task Force, seeking quick action to be taken to address existing dangers. The Cybersecurity...
by Patrick Kennedy | Nov 28, 2017 | HIPAA News
An unencrypted laptop has been stolen from one of its employees in a theft, the second such incident to be discovered in the space of three months, at Rocky Mountain Health Care Services of Colorado Springs. The latest breach was identified on September 28. The stolen...
by Patrick Kennedy | Nov 27, 2017 | HIPAA News
A phishing attack at the Medical College of Wisconsin has lead to the exposure of approximately 9,500 patients’ protected health information. The hackers gained access to the email accounts of staff member, which included a range of private information regarding...
by Patrick Kennedy | Nov 24, 2017 | Cybersecurity, HIPAA News
The November 2017 healthcare Breach Barometer Report has been published by Protenus. Following an unusually particularly bad September, healthcare data breach incidents fell to more normal levels, with 37 breaches recorded during the month of October. The monthly...
by Patrick Kennedy | Nov 23, 2017 | Cybersecurity, HIPAA News
UPMC Susquehanna, a network of hospitals and health facilities in Williamsport, Wellsboro, and Muncy in Pennsylvania, has revealed that the protected health information of 1,200 patients has possibly been accessed by unauthorized people. Access to patient data is...
by Patrick Kennedy | Nov 21, 2017 | Cybersecurity, HIPAA News
Personally identifiable information of a limited number of insurance applicants has been exposed online, according to an announcement by Blue Cross and Blue Shield of Florida, dba Florida Blue. Florida Blue was made aware of the exposure of patient data in late August...
by Patrick Kennedy | Nov 20, 2017 | HIPAA News
After a burglary at an off-site storage center in East Brunswick, NJ, Otolaryngology Associates of Central Jersey is making patients aware a breach of their protected health information. The thieves removed 13 boxes of paper medical records from the center, which...
by Patrick Kennedy | Nov 17, 2017 | HIPAA News
Amazon has revealed that new security measures have been added to its cloud server that will make it much more difficult for users to misconfigure their S3 buckets and mistakenly leave their data accessible. While Amazon will complete a business associate agreement...
by Patrick Kennedy | Nov 16, 2017 | HIPAA News
Patients of Cook County Health and Hospitals System, a health system comprising two hospitals and more than a dozen community health centers in Cook County Illinois, have been made aware of a breach of their protected health information. The breach happened at...
by Patrick Kennedy | Nov 15, 2017 | Cybersecurity, HIPAA News
There was been a 305% increase in the number of records exposed in data breaches in the 2017 according to a data breach report from Risk Based Security (RBS), a provider of real time information and risk analysis tools. For its most recent breach report, RBS analyzed...
by Patrick Kennedy | Nov 14, 2017 | HIPAA News
In August 2017 malware was discovered to have been installed on one of the computer servers used by Catholic Charities of the Diocese of Albany (CCDA) in its Glens Falls office, which served patients in Saratoga, Warren and Washington Counties in New York. It was...
by Patrick Kennedy | Nov 9, 2017 | Cybersecurity, HIPAA News
Attorney General Eric T. Schneiderman has introduced the ‘Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)’ into the legislature in New York.it is hoped that Act will protect New Yorkers from unnecessary breaches of their personal data and...
by Patrick Kennedy | Nov 8, 2017 | Cybersecurity, HIPAA News
Two USB drives storing the protected health information of up to 2,000 veterans have been stolen from the Man-Grandstaff VA Medical Center in Spokane, WA it has been reported. The two USB devices were being used to store protected data from a standalone, non-networked...
by Patrick Kennedy | Nov 6, 2017 | HIPAA News
It has recently been discovered that a former employee of the Texas Children’s Health Plan has recieved the protected health information (PHI) of 932 members in a private email. The last known incident where the former employee emailed the data was late in 2016,...
by Patrick Kennedy | Nov 5, 2017 | HIPAA News
A new WannaCry ransomware variant has been used to attack FirstHealth of the Carolinas, a Pinehurst, SC-based not for profit health network. WannaCry ransomware was used in worldwide attacks earlier in May. Over 230,000 computers were infected within 24 hours of the...
by Patrick Kennedy | Nov 3, 2017 | Cybersecurity, HIPAA News
The protected health information (PHI) of almost 8,000 client of Brevard Physician Associates may have been accessed following the theft of an office computer in a recent break in. The burglary happened on September 4, 2017 – Labor Day – when the offices were shut...
by Patrick Kennedy | Nov 1, 2017 | HIPAA News
A HIPAA Breach has been reported at lawnmower engine manufacturer Briggs Stratton which may have affected 12,789 of its employees and potentially resulted in the exposure of names, addresses, dates of birth, driver’s license numbers, Social Security numbers, health...
by Patrick Kennedy | Oct 30, 2017 | HIPAA News
A former staff nurse, 41-year old Tangela Lawson-Brown from Midway, has been found guilty by a court in Tallahassee of the theft of patient information in order to commit aggravated identity theft and wire fraud, and to steal government funds. Between October 2011...
by Patrick Kennedy | Oct 29, 2017 | HIPAA News
The San Antonio, TX, Advanced Spine & Pain Center (ASPC) has advised clients of a possible breach that could have affected as many as 8,362 patients. ASPC became aware of a potential violation of ePHI on July 31, 2017 when some clients reported receiving a...
by Patrick Kennedy | Oct 28, 2017 | HIPAA News
Over the weekend of August 12-13 an individual obtained access to a file server used by Ashland, MI-based Namaste Health Care and installed ransomware software encrypting data including patients’ protected health information. However, prior to the ransomware being...
by Patrick Kennedy | Oct 26, 2017 | HIPAA News
An unencrypted laptop device has been stolen from the automobile of an staff worker of Bassett Family Practice in Virginia, possible leading to the exposure of the protected health information of the Practice’s clients. It is believed that the device, a laptop...
by Patrick Kennedy | Oct 25, 2017 | HIPAA News
Chase Brexton Health Care has reported that the group experienced a phishing cyber attack on August 2 and August 3, 2017 and may have affected as many as 16,562 patients. The cyber attack involved multiple phishing emails being delivered to the inboxes of its...
by Patrick Kennedy | Oct 24, 2017 | HIPAA News
Healthcare organizations often outsource many HIPAA transactions to third-party vendors, yet finding suitable companies that can provide the necessary services can be a time-consuming process. While there is unlikely to be a shortage of companies that could perform...
by Patrick Kennedy | Oct 24, 2017 | HIPAA News
RiverMend Health, a Augusta, GA-based specialty behavioral health provider has reported an unauthorized person has gained access to the email account of one of its employees after suspicious emails were identified being sent from that employee’s account. The...
by Patrick Kennedy | Oct 23, 2017 | HIPAA News
A nurse sacked for a HIPAA violation has lost her legal action against the termination of her employment and a subsequent appeal. On May 7, 2013, Dianna Hereford – a Registered Nurse at the Norton Audubon Hospital in Louisville, KY – was assisting a transesophageal...
by Patrick Kennedy | Oct 22, 2017 | Cybersecurity
September 2017 saw a huge increase in the amount of healthcare data breaches, according to the recently released Breach Barometer report from Protenus which shows there was a serious rise increase. The Protenus report examines data violations made known to the...
by Patrick Kennedy | Oct 19, 2017 | Cybersecurity
New ISACA research reveals that a lot more work still needs to be done in information and technology governance. According to the research, cyber security and defenses present the biggest technological challenges to corporate governance. Boards of directors and team...
by Patrick Kennedy | Oct 19, 2017 | Cybersecurity, HIPAA News
Another unsecured Amazon S3 bucket used by a HIPAA-covered entity has been found by Kromtech Security. The unsecured bucket was storing contained 47.5GB of medical details relating to around 150,000 people. The medical details contained in the files included blood...
by Patrick Kennedy | Oct 18, 2017 | HIPAA News
The medical details of in excess of 10,000 patients of a Naperville, IL-based psychiatrist – Dr. Riaz Baber, M.D. – have been located in the basement of an Aurora residence by the female who rented the house from the psychiatrist. The files in question had been kept...
by Patrick Kennedy | Oct 17, 2017 | HIPAA News
At the beginning of 2014 the HHS proposed a new rule for certification of compliance for health plans which would have required all controlling health plans (CHPs) to complete a range of documentation. This would have shown the HHS that the CHPS were in compliance...
by Patrick Kennedy | Oct 16, 2017 | HIPAA News
Amida Care, the New York-based not-for-profit community health plan, advised that a possible HIPAA breach may have occurred impacting up to 6,231 of its subscribers. The group provides health coverage and coordinated care to Medicaid subscribers with chronic health...
by Patrick Kennedy | Oct 13, 2017 | HIPAA News
The U.S. House of Representatives has paased the Internet of Medical Things Resilience Partnership Act, aiming to put in place a public-private stakeholder partnership. This partnership will be charged with developing a cybersecurity framework that can be implemented...
by Patrick Kennedy | Oct 12, 2017 | Cybersecurity, HIPAA News
A fax machine used by a Doctor at Grand Rapids, MI, based Spectrum Health System was recently found to contain the PHI of almost 20 patients. The fax machine was bought from resale shop by a local, who found documents were still stored in the memory of the machine....
by Patrick Kennedy | Oct 11, 2017 | HIPAA News
According to a recent study by MediaPro, a provider of privacy and security awareness training, best practices for privacy and security are still not well understood by 70% of U.S. employees. For the study, MediaPro questioned 1,012 U.S. workers and posed them a range...
by Patrick Kennedy | Oct 10, 2017 | Cybersecurity, HIPAA News
Texas orthopedic clinic CoPilot are just now informing their patients that their protected health information may have been exposed in a 2015 CoPilot data breach. In October 2015, an online portal managed by CoPilot Provider Support Services was accessed by an...
by Patrick Kennedy | Oct 9, 2017 | HIPAA News
A settlement of $264,000 has been agreed with the Vermont Attorney Genera and SAManage USA in relation to the 2016 data breach that resulted in the Social Security numbers of 660 Vermont residents being exposed online. SAManage USA, a technology group that supplies...
by Patrick Kennedy | Oct 6, 2017 | Cybersecurity, HIPAA News
A Catholic health system based in Vancouver, WA PeaceHealth, has revealed discovered that a former member of staff had accessed the medical history of almost 2,000 patients without any an adequate work reason. The unauthorized and inappropriate access was found by...
by Patrick Kennedy | Oct 4, 2017 | HIPAA News
Almost 4,000 people have potentially had their sensitive patient data exposed in Spokane, WA after a laptop computer once used by the Mann-Grandstaff VA Medical Center (MGVAMC) has been reported as missing. The laptop device was paired with a hematology analyzer and...
by Patrick Kennedy | Oct 3, 2017 | Cybersecurity, HIPAA News
Nebraska-based CBS Consolidated Inc., operating as Cornerstone Business & Management Solutions, completed a routine audit of system logs on July 10, 2017 and discovered a seemingly strange account on their servers. This case further highlights the importance of...
by Patrick Kennedy | Oct 2, 2017 | Cybersecurity
Hacking group TheDarkOverlord, after an apparent period of inactivity, has claimed responsibility for another successful attack on a U.S. healthcare supplier. This time the victim was Mass-based SMART Physical Therapy (SMART PT). The announcement of the data theft...
by Patrick Kennedy | Oct 2, 2017 | Cybersecurity, HIPAA News
A HIPAA violation at Mercy Health Love County Hospital may have exposed the private information of in excess pf 13,000 patients in Oklahoma. On June 23, 2017, the health centre found that a member of staff employee had stolen a laptop computer and paper records from a...
by Patrick Kennedy | Sep 26, 2017 | HIPAA News
Some healthcare organizations have violated patient privacy and HIPAA Rules when responding to negative critiques on Yelp and otherreview sites according to a recent ProPublica report. For the report, ProPublica was given with access to around 1.7 million Yelp reviews...
by Patrick Kennedy | Sep 25, 2017 | HIPAA News
The HIPAA Omnibus Rule (Health Insurance Portability and Accountability Act of 1996 Omnibus Rule) was drafted in July 2010; however the final release has been put off until this month some of the concerns raised by stakeholders about the latest HIPAA amendment can be...
by Patrick Kennedy | Sep 20, 2017 | Cybersecurity, HIPAA News
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has just received a joint settlement of $1,975,220 for the potential breaches of HIPAA arising following the theft of a laptop storing unencrypted ePHI data. The failure to adhere to the...
by Patrick Kennedy | Sep 19, 2017 | HIPAA News
Less than one month after Boston’s Beth Israel Deaconess Medical Center reached a settlement with the Massachusetts Attorney General for HIPAA violations after a laptop was stolen containing unencrypted PHI, Boston Children’s Hospital has been fined for failing to...
by Patrick Kennedy | Sep 16, 2017 | HIPAA News
A security breach that has potentially impacted almost 13,000 patients has been announced by Hand & Upper Extremity Centers. The breach happened at Thousand Oaks, CA-based Hand Rehabilitation Specialists (HRS). While it is unclear when the breach actually...
by Patrick Kennedy | Sep 16, 2017 | HIPAA News
An review has been completed into a privacy violation at the University of Pittsburgh Medical Center’s Bedford Memorial hospital, in a case which photographs and videos of a patient’s genitals were captured by hospital staff and in some cases, were shared with other...
by Patrick Kennedy | Sep 15, 2017 | HIPAA News
Almost 70 patient files containing sensitive personal and medical data have been found in an alley in Denver, CO. The files include details of patients’ medical histories, insurance information, and Social Security numbers – The types of information chased by identity...
by Patrick Kennedy | Sep 15, 2017 | HIPAA News
The Department of Health and Human Services’ Office for Civil Rights, earlier in 2017, settled a case with Mount Sinai St. Luke’s Hospital to resolve alleged breaches of HIPAA following a 2014 impermissible disclosure of a patient’s HIV positive status to his...
by Patrick Kennedy | Sep 14, 2017 | HIPAA News
In June 2014, hackers succeeded in accessing to a database controlled by CareFirst BlueCross BlueShield and the secured health information of 1.1 million of its members. The types of information exposed due to the hack included names, email addresses, dates of birth,...
by Patrick Kennedy | Sep 2, 2017 | Cybersecurity, HIPAA News
Aetna is facing a class action lawsuit following a privacy breach that saw the HIV positive status of up to 12,000 individuals disclosed against the patients’ wishes. The individuals names and addresses were visible during a recent mail distribution when...
by Patrick Kennedy | Aug 31, 2017 | Cybersecurity
In a release yesterday, HHS Secretary Tom Price stated that OCR will waive sanctions and financial penalties for specific Privacy Rule violations against hospitals in the Hurricane Harvey disaster area. This waiver is only applicable to the provisions of the...
by Patrick Kennedy | Aug 13, 2017 | HIPAA News
The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) states that all covered entities must notify the HHS’ Office for Civil Rights of a breach of unsecured protected health information and issue notification letters to affected people without unreasonable delay...
by Patrick Kennedy | Aug 5, 2017 | HIPAA News
The Breach Barometer mid year reviews has been released by Protenus, in conjunction with Databreaches.net. This report covers all data privacy breaches reported in health care over the past 6 months. It provides valuable insights into 2017 data breach trends for the...
by Patrick Kennedy | Jul 30, 2017 | HIPAA News
Cases of staff members accessing on medical records are relatively common, although an incident at Tewksbury Hospital in Massachusetts stands out duration of time that an employee was accessing medical records without authorization before being apprehended. The...
by Patrick Kennedy | Jul 29, 2017 | HIPAA News
The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule allows patients to view the health information held by their providers. According to a recent U.S. Government Accountability Office (GAO) release there is only a relatively small amount of...
by Patrick Kennedy | Jul 28, 2017 | HIPAA News
In June 2017, the Department of Health and Human Services confirmed it was considering updating its data breach portal – commonly referred to as the OCR ‘Wall of Shame’. Section 13402(e)(4) of the HITECH Act obliges OCR to maintain a public list of privacy breaches of...
by Patrick Kennedy | Jul 20, 2017 | HIPAA News
ONC National Coordinator Don Rucker, M.D., has confirmed that the office will be closed out in fiscal year 2018 due to the cuts to the budget of the Office of the National Coordinator for Health Information Technology (ONC) Deven McGraw, the Deputy Director for...
by Patrick Kennedy | Jul 17, 2017 | HIPAA Advice
Dropbox is a widely-used file hosting service operated by many organizations to share files, but what about protected health information? Is the service HIPAA compliant? Dropbox beleives it now supports HIPAA and HITECH Act compliance but that does not mean Dropbox is...
by Patrick Kennedy | Jul 5, 2017 | Cybersecurity, HIPAA News
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a reminder to all covered entities and business associates of the possible risks associated with file sharing and collaboration tools, outlining the dangers these services can...
by Patrick Kennedy | Jun 30, 2017 | HIPAA News
Health insurance provider Aetna, based in Hartford, CT has found that the protected health data of more than 5,000 plan subscriber has been released online and was accessible to the public through search engines. Aetna started looking into a security issue affecting...
by Patrick Kennedy | Jun 28, 2017 | HIPAA News
A ransomware attack on medical supply company Airway Oxygen Inc., in April 2017 may have led to the protected health information of 500,000 individuals being accessed by cyber attackers. No evidence of data access or theft was found by Airway Oxygen, based in Wyoming,...
by Patrick Kennedy | Jun 27, 2017 | HIPAA News
The largest data breach settlement officially recorded has been agreed by the health insurer Anthem Inc. Anthem suffered the largest healthcare data breach ever reported in 2015, with s cyberattack leading to the theft of 78.8 million records of current and former...
by Patrick Kennedy | Jun 20, 2017 | HIPAA News
A data breach that happened in October 2015 should have seen affected people notified within 8 weeks. However, it took CoPilot Provider Support Services Inc., until early 2017 to issue data breach notifications. An administration online portal controlled by CoPilot...
by Patrick Kennedy | Jun 17, 2017 | HIPAA News
Beginning from 2009, the Department of Health and Human Services’ Office for Civil Rights has been publishing summaries of healthcare data breaches on its website, a list is often referred to as OCR’s ‘Wall of Shame’. This list only gives a brief summary of data...
by Patrick Kennedy | Jun 2, 2017 | HIPAA News
The recent ransomware attacks and healthcare IT security incidents have driven the Department of Health and Human Services’ Office for Civil Rights to release a reminder to covered entities about HIPAA Rules on security breaches. In its May 2017 Cyber Newsletter, OCR...
by Patrick Kennedy | May 27, 2017 | HIPAA News
Iliana Peters, Office for Civil Rights Senior Advisor for HIPAA Compliance and Enforcement, has given an update on OCR’s enforcement activities in a recent Health Care Compliance Association ‘Compliance Perspectives’ podcast. OCR reviews all data breaches involving...
