The U.S. Food and Drug Administration has released an alert regarding certain Abbott Laboratories implantable cardiac devices that have cybersecurity weaknesses that could possibly be targeted to alter the usability of the devices. A number implantable cardiac...
NIST Cybersecurity Framework Version 1.1 Released
The National Institute of Standards and Technology published an updated version of its Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) on April 16, 2018. The Cybersecurity Framework was first made available on February 2014 and...
ONC Publishes Patient Guidebook on Health Record Access
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has released a new patient guidebook on health record access. The guidebook goes through how patients can access their health data, offers advice for checking health...
Poor Patching Practices in Healthcare Revealed on Ponemon Institute Study
A recent survey carried out by the Ponemon Institute for ServiceNow has unveiled that healthcare and pharmaceutical companies are not keeping up to date on patching. Weaknesses are not being patched quickly leaving organizations susceptible to attack. The survey was...
Major Problem with Insider Breaches Proving a Serious Issue in Healthcare Sector: Verizon Report
Verizon has published its yearly Protected Health Information Breach Report which digs deep into the main factors behind the breaches, why they happen, the motivations of internal and external threat actors, and the main dangers to the confidentiality, integrity, and...
Liquid Web and HIPAA Compliance
Healthcare groups seeking a hosting solution may identify Liquid Web as a possible vendor, but is Liquid Web HIPAA compliant? Can its cloud management services be used by HIPAA-covered bodies for hosting applications and projects that include electronic protected...
Health Net Refused to Adhere with Security Audit: OPM
The U.S. Office of Personnel Management (OPM) Office of the Inspector General Office of Audits (OIG) has released a Flash Audit Alert claiming Health Net of California has refused to adhere with a recent security audit. Health Net supplies benefits to federal workers,...
Zoom Video Conferencing and HIPAA Compliance
Over 750,000 businesses are now using Zoom for online video and web conferencing. However, before implementing use of the service it is vital to consider if it adheres to HIPAA Rules for appropriate use by healthcare groups in relation to sharing PHI. A cloud-based...
HIPAA Compliance and eFileCabinet
As a document management and storage service for businesses, eFileCabinet provide on-site and cloud storage. However, is the service appropriate for the healthcare sector? Does eFileCabinet adhere with HIPAA rules or will using it lead to HIPAA breaches? Document...
Hospital Data Breach Similarities Shown in AJMC Study
The American Journal of Managed Care has released a report detailing hospital data breaches experienced in the United States. The focus of the study was to discover common characteristics of hospital data breaches, what the biggest issue areas are, the main causes of...
MediaPro Reports Lows Scores on Healthcare Sector Security Awareness
A recent MediaPro report released there is still an absence of readiness to deal with common cyberattacks and privacy and security dangers are still not fully comprehended by healthcare staff. In MediaPro’s 2017 State of Privacy and Security Awareness Report, the firm...
HIPAA Compliance and Yammer
Yammer is a freemium enterprise social networking platform used for private communication and collaboration within organizations since 2008. After a bedding in period Microsoft purchased the company in 2012. It has grown in popularity since then to the extent that it...
Malware-Related Data Breach Experienced at Decatur County General Hospital
A hacker has potentially gained access to the medical records of up to 24,000 patients of Decatur County General Hospital in Tennessee. Teh Helath centre has discovered malware has been placed on a server storing its internal electronic medical record system. A...
Western Washington Medical has PHI of 842 Patients Exposed
Western Washington Medical experienced a PHI breach when the protected health information of 842 patients of Group was exposed in November 2017 after files including sensitive health information were disposed, in error, with normal rubbish. On November 13, 2017, the...
Victims of Ransomware Attacks Susceptible to Further Attacks
A new report released by online security company Sophos indicates that victims of ransomware attacks have a greater chance of suffering additional attacks within the subsequent 12 months. The report states that the healthcare sector is at the highest risk of...
$55k Ransom Paid by Indiana Health Organization to Retrieve Files
Hancock Health , based in Greenfield, Indiana experienced a ransomware attack on Thursday last week. Employees of Hancock were forced to use offline methods to record patient health information, while IT staff tried to respond to the attack and save the encrypted...
Laptop Theft Impacts 43,000 Patients of Coplin Health Systems
43,000 patients of West Virginia-based Coplin Health Systems have been advised that their PHI has possibly been exposed due to the theft of an unencrypted laptop computer from the vehicle of a member of staff. Coplin Health was made aware to the theft of the laptop on...
Data Security Inadequacies at North Carolina State Medicaid Agency by OIG
The findings of an audit of the North Carolina State Medicaid agency by The Department of Health and Human Services’ Office of Inspector General (OIG) have been published in a new report. The report indicates that the State agency has failed to put in place sufficient...
Nebraska Ransomware Attack Impacts Approx 10,000 Patients
Almost 10,000 patients of Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska have been impacted by a ransomware attack. The ransomware attack was carried out on October 7, 2017 and hit a large amount of files on some servers being encrypted...
Extent of Insider Data Breaches Highlighted in November Barometer Report
The November 2017 healthcare Breach Barometer Report has been published by Protenus. Following an unusually particularly bad September, healthcare data breach incidents fell to more normal levels, with 37 breaches recorded during the month of October. The monthly...
UPMC Susquehanna Phishing Attack Exposes 1,200 Patients’ PHI
UPMC Susquehanna, a network of hospitals and health facilities in Williamsport, Wellsboro, and Muncy in Pennsylvania, has revealed that the protected health information of 1,200 patients has possibly been accessed by unauthorized people. Access to patient data is...
Almost 1,000 People Affected by Florida Blue Data Breach
Personally identifiable information of a limited number of insurance applicants has been exposed online, according to an announcement by Blue Cross and Blue Shield of Florida, dba Florida Blue. Florida Blue was made aware of the exposure of patient data in late August...
305% Annual Rise in Breached Records According to 2017 Data Breach Report
There was been a 305% increase in the number of records exposed in data breaches in the 2017 according to a data breach report from Risk Based Security (RBS), a provider of real time information and risk analysis tools. For its most recent breach report, RBS analyzed...
NY AG Introduces SHIELD Act to Improve Security of PHI
Attorney General Eric T. Schneiderman has introduced the 'Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)' into the legislature in New York.it is hoped that Act will protect New Yorkers from unnecessary breaches of their personal data and to ensure...
PHI of up to 2,000 Veterans Obtained Following Theft of USB Drives
Two USB drives storing the protected health information of up to 2,000 veterans have been stolen from the Man-Grandstaff VA Medical Center in Spokane, WA it has been reported. The two USB devices were being used to store protected data from a standalone, non-networked...
Brevard Physician Associates Clients Have PHI Exposed in Burglary
The protected health information (PHI) of almost 8,000 client of Brevard Physician Associates may have been accessed following the theft of an office computer in a recent break in. The burglary happened on September 4, 2017 – Labor Day – when the offices were shut...
Healthcare Data Breaches in September Saw Almost 500K Records Exposed
September 2017 saw a huge increase in the amount of healthcare data breaches, according to the recently released Breach Barometer report from Protenus which shows there was a serious rise increase. The Protenus report examines data violations made known to the...
ISACA Research Highlights IT Governance, Cyber Security Policies and Defenses
New ISACA research reveals that a lot more work still needs to be done in information and technology governance. According to the research, cyber security and defenses present the biggest technological challenges to corporate governance. Boards of directors and team...
Unsecured Amazon S3 Bucket Leads to Breach of Medical Records and Test Results
Another unsecured Amazon S3 bucket used by a HIPAA-covered entity has been found by Kromtech Security. The unsecured bucket was storing contained 47.5GB of medical details relating to around 150,000 people. The medical details contained in the files included blood...
Data Breach after Resold Fax Machine Starts to Print Private Data
A fax machine used by a Doctor at Grand Rapids, MI, based Spectrum Health System was recently found to contain the PHI of almost 20 patients. The fax machine was bought from resale shop by a local, who found documents were still stored in the memory of the machine....
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
COMPREHENSIVE HIPAA TRAINING
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute