The findings of an audit of the North Carolina State Medicaid agency by The Department of Health and Human Services’ Office of Inspector General (OIG) have been published in a new report. The report indicates that […]
Almost 10,000 patients of Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska have been impacted by a ransomware attack. The ransomware attack was carried out on October 7, 2017 and hit a […]
Once the General Data Protection Regulation (GDPR) comes into play, in May 2018, it will be possible for any organisation that does not comply to be fined as much as 4% of annual turnover, or […]
The November 2017 healthcare Breach Barometer Report has been published by Protenus. Following an unusually particularly bad September, healthcare data breach incidents fell to more normal levels, with 37 breaches recorded during the month of […]
UPMC Susquehanna, a network of hospitals and health facilities in Williamsport, Wellsboro, and Muncy in Pennsylvania, has revealed that the protected health information of 1,200 patients has possibly been accessed by unauthorized people. Access to […]
Personally identifiable information of a limited number of insurance applicants has been exposed online, according to an announcement by Blue Cross and Blue Shield of Florida, dba Florida Blue. Florida Blue was made aware of […]
There was been a 305% increase in the number of records exposed in data breaches in the 2017 according to a data breach report from Risk Based Security (RBS), a provider of real time information and […]
Attorney General Eric T. Schneiderman has introduced the ‘Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)’ into the legislature in New York.it is hoped that Act will protect New Yorkers from unnecessary breaches […]
Two USB drives storing the protected health information of up to 2,000 veterans have been stolen from the Man-Grandstaff VA Medical Center in Spokane, WA it has been reported. The two USB devices were being […]
The protected health information (PHI) of almost 8,000 client of Brevard Physician Associates may have been accessed following the theft of an office computer in a recent break in. The burglary happened on September 4, […]
September 2017 saw a huge increase in the amount of healthcare data breaches, according to the recently released Breach Barometer report from Protenus which shows there was a serious rise increase. The Protenus report examines […]
New ISACA research reveals that a lot more work still needs to be done in information and technology governance. According to the research, cyber security and defenses present the biggest technological challenges to corporate governance. […]
Another unsecured Amazon S3 bucket used by a HIPAA-covered entity has been found by Kromtech Security. The unsecured bucket was storing contained 47.5GB of medical details relating to around 150,000 people. The medical details contained […]
A fax machine used by a Doctor at Grand Rapids, MI, based Spectrum Health System was recently found to contain the PHI of almost 20 patients. The fax machine was bought from resale shop by […]
Texas orthopedic clinic CoPilot are just now informing their patients that their protected health information may have been exposed in a 2015 CoPilot data breach. In October 2015, an online portal managed by CoPilot Provider […]
A Catholic health system based in Vancouver, WA PeaceHealth, has revealed discovered that a former member of staff had accessed the medical history of almost 2,000 patients without any an adequate work reason. The unauthorized […]
Nebraska-based CBS Consolidated Inc., operating as Cornerstone Business & Management Solutions, completed a routine audit of system logs on July 10, 2017 and discovered a seemingly strange account on their servers. This case further highlights […]
Hacking group TheDarkOverlord, after an apparent period of inactivity, has claimed responsibility for another successful attack on a U.S. healthcare supplier. This time the victim was Mass-based SMART Physical Therapy (SMART PT). The announcement of […]
A HIPAA violation at Mercy Health Love County Hospital may have exposed the private information of in excess pf 13,000 patients in Oklahoma. On June 23, 2017, the health centre found that a member of […]
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has just received a joint settlement of $1,975,220 for the potential breaches of HIPAA arising following the theft of a laptop storing […]
Aetna is facing a class action lawsuit following a privacy breach that saw the HIV positive status of up to 12,000 individuals disclosed against the patients’ wishes. The individuals names and addresses were visible during […]
In a release yesterday, HHS Secretary Tom Price stated that OCR will waive sanctions and financial penalties for specific Privacy Rule violations against hospitals in the Hurricane Harvey disaster area. This waiver is only […]
The Department of Homeland Security has issued an alert over vulnerabilities in Siemens medical imaging devices. The vulnerabilities could be exploited remotely and attacks would require only a low level of skill. Exploits are publicly […]
The Medical Device Cybersecurity Act introduced by Connecticut Senator Richard Blumenthal last week is intended to improve the security of medical devices by making it harder for the devices to be hacked. If the legislation […]
KPMG has published the findings of its recent Cyber Healthcare & Life Sciences Survey. The survey was conducted on 100 individuals with responsibility for information security at healthcare providers and payers with annual revenues in […]
HITRUST has announced it is embarking on a new Community Extension Program to reach out to healthcare organizations to provide advice on best practices to adopt to improve cybersecurity. The new program will enable HITRUST […]
A recent survey conducted by risk management software vendor Netwrix has revealed only 5% of healthcare organizations are using software for risk management and security governance. Additionally, only 32% of healthcare organizations said they had […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a reminder to all covered entities and business associates of the possible risks associated with file sharing and collaboration tools, outlining […]
The Ponemon Institute has conducted an annual benchmark study on the cost of data breaches for the last decade. Their 2016 Cost of Data Breach Study was published by the Institute earlier this week. The […]
At the Healthcare Information and Management Systems Society’s 2017 conference-HIMSS17-OCR’s Deven McGraw released some new information on the HIPAA guidance OCR expects to release in 2017. Last year, the Joint Commission lifted the ban on […]
Although the total number of healthcare data breaches reported in 2016 is an order of magnitude lower than the number seen in 2015, there was a significant increase in the number of covered entities (CEs) […]
In a recent report released by the Department of Health and Human Services’ Office of Inspector General, a third of hospitals do not have sufficient HIPAA-compliant EHR contingency plans in place, although the majority are “largely addressing” […]
In recent years, there has been a substantial increase in the number of cyberattacks on healthcare organizations with the aim of obtaining PHI. It has proven profitable for hackers to conduct attacks on healthcare organizations […]
A nursing assistant from the Parkside Manor assisted-living center in Kenosha, WI., has been fired from her job for recording a video of a practically naked 93-year-old Alzheimer’s patient and sharing it on Snapchat. Recently […]
The Allina Health System Minneapolis Isles clinic has notified around 6,000 patients of a breach of their Protected Health Information (PHI). The clinic, located at 2800 Hennepin Avenue, found instances of improper PHI disposal had […]
Following a data breach that occurred back in 2011, the HHS has revealed that Lahey Hospital and Medical Center has agreed to settle a case with the Office for Civil Rights (OCR) over alleged HIPAA […]
Following the 2012 theft of a laptop computer containing the unencrypted data of 8,883 Connecticut residents, Hartford Hospital – and one of its Business Associates, EMC Corporation (EMC) – have agreed to a settlement with the Connecticut […]
Being compliant with HIPAA Privacy and Security Rules can be a challenge for all organizations, regardless of size. However, smaller healthcare providers tend to have more issues. Budgets tend to be tighter, and a lack […]
A lack of a appropriate workforce with appropriate skills to improve cybersecurity defenses is leading many CISOs and CIOs to look outside their organizations for assistance. Businesses and healthcare suppliers are now increasingly hiring third […]
Government department heads and industry leaders will be attending the 23rd National HIPAA Summit to give updates on the work that has been completed in the last year and to provide information on new legislation […]
The Health IT Policy Committee’s Privacy and Security Workgroup has been reviewing a number of Big Data issues affecting the privacy and security of patients after two public hearings conducted by the organization in December […]
TigerText has revealed it will be presenting a free healthcare communications webinar in which former HHS regulator Adam Greene will be speaking about best practices for introducing a HIPAA-compliant mobile communications strategy. “Ask the Experts: […]
Veriphyr Identity and Access Intelligence has recently published a report into what causes the greatest threat to exposure of Protected Health Information (PHI). The study found that the theft of mobile devices may result in […]
Copyright © 2020 Compliance Junction