A HIPAA violation at Mercy Health Love County Hospital may have exposed the private information of in excess pf 13,000 patients in Oklahoma. On June 23, 2017, the health centre found that a member of staff employee had stolen a laptop computer and paper records from a...
Some healthcare organizations have violated patient privacy and HIPAA Rules when responding to negative critiques on Yelp and otherreview sites according to a recent ProPublica report. For the report, ProPublica was given with access to around 1.7 million Yelp reviews...
The HIPAA Omnibus Rule (Health Insurance Portability and Accountability Act of 1996 Omnibus Rule) was drafted in July 2010; however the final release has been put off until this month some of the concerns raised by stakeholders about the latest HIPAA amendment can be...
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has just received a joint settlement of $1,975,220 for the potential breaches of HIPAA arising following the theft of a laptop storing unencrypted ePHI data. The failure to adhere to the...
The Californian multi-specialty physician’s group, Imperial Valley Family Care Medical Group (IVFCMG), has recently been audited by the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) following a potential breach of patients’ protected...
Less than one month after Boston’s Beth Israel Deaconess Medical Center reached a settlement with the Massachusetts Attorney General for HIPAA violations after a laptop was stolen containing unencrypted PHI, Boston Children’s Hospital has been fined for failing to...
A security breach that has potentially impacted almost 13,000 patients has been announced by Hand & Upper Extremity Centers. The breach happened at Thousand Oaks, CA-based Hand Rehabilitation Specialists (HRS). While it is unclear when the breach actually...
An review has been completed into a privacy violation at the University of Pittsburgh Medical Center’s Bedford Memorial hospital, in a case which photographs and videos of a patient’s genitals were captured by hospital staff and in some cases, were shared with other...
Almost 70 patient files containing sensitive personal and medical data have been found in an alley in Denver, CO. The files include details of patients’ medical histories, insurance information, and Social Security numbers – The types of information chased by identity...
The Department of Health and Human Services’ Office for Civil Rights, earlier in 2017, settled a case with Mount Sinai St. Luke’s Hospital to resolve alleged breaches of HIPAA following a 2014 impermissible disclosure of a patient’s HIV positive status to his...
In June 2014, hackers succeeded in accessing to a database controlled by CareFirst BlueCross BlueShield and the secured health information of 1.1 million of its members. The types of information exposed due to the hack included names, email addresses, dates of birth,...
Aetna is facing a class action lawsuit following a privacy breach that saw the HIV positive status of up to 12,000 individuals disclosed against the patients' wishes. The individuals names and addresses were visible during a recent mail distribution when details of...
The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) states that all covered entities must notify the HHS’ Office for Civil Rights of a breach of unsecured protected health information and issue notification letters to affected people without unreasonable delay...
The Health Information Trust Alliance (HITRUST) is looking to improve its threat information sharing capabilities and provide more assistance to HIPAA covered entities to help them manage cyber threats more effectively. HITRUST is already providing detailed...
The Breach Barometer mid year reviews has been released by Protenus, in conjunction with Databreaches.net. This report covers all data privacy breaches reported in health care over the past 6 months. It provides valuable insights into 2017 data breach trends for the...
The U.S. Senate has passed new legislation that will allow patients’ histories of drug addiction treatment to be shared with their physicians with consent. The legislation will help to ensure physicians can make more informed decisions about treatment for patients...
Regulations governing the treatment of substance use disorder records and HIPAA are currently at odds, although new legislation has been proposed to align both sets of regulations. Representatives Tim Murphy and Earl Blumenauer have introduced a new bill – The...
The Department of Health and Human Services’ Office for Civil Rights has reminded HIPAA-covered entities why security awareness training for healthcare employees is so important in its July Cybersecurity Newsletter. PHI security is not only about technological...
Cases of staff members accessing on medical records are relatively common, although an incident at Tewksbury Hospital in Massachusetts stands out duration of time that an employee was accessing medical records without authorization before being apprehended. The...
The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule allows patients to view the health information held by their providers. According to a recent U.S. Government Accountability Office (GAO) release there is only a relatively small amount of...
In June 2017, the Department of Health and Human Services confirmed it was considering updating its data breach portal – commonly referred to as the OCR ‘Wall of Shame’. Section 13402(e)(4) of the HITECH Act obliges OCR to maintain a public list of privacy breaches of...
A Plastic Surgery Associates of South Dakota ransomware attack has potentially resulted in criminals gaining access to the protected health information (PHI) of 10,200 of its patients. Last year, OCR confirmed in its ransomware guidance that a ransomware attack is...
For the second time this month, a healthcare provider has announced that an investigation into a ransomware attack has revealed a historic data breach. Earlier this month, Peachtree Neurological Clinic discovered a 15-month data breach during an investigation into a...
AHIMA, the American Healthcare Information Management Association, has announced it has developed a model HIPAA release form that can be used by HIPAA-covered entities to streamline the processing of requests for copies of patients’ health information. The Health...
ONC National Coordinator Don Rucker, M.D., has confirmed that the office will be closed out in fiscal year 2018 due to the cuts to the budget of the Office of the National Coordinator for Health Information Technology (ONC) Deven McGraw, the Deputy Director for...
Peachtree Neurological Clinic has uncovered a 15-month security incident during the investigation of a ransomware attack. The Atlanta, GA clinic says the incident has resulted in the exposure of 176,295 patients’ protected health information. Initially, sensitive data...
The names, admission dates and medical record numbers of 5,292 patients of University of Iowa Health Care were accessible over the Internet for around 2 years as a result of an error configuring an application development website. University of Iowa Healthcare reports...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a reminder to all covered entities and business associates of the possible risks associated with file sharing and collaboration tools, outlining the dangers these services can...
Health insurance provider Aetna, based in Hartford, CT has found that the protected health data of more than 5,000 plan subscriber has been released online and was accessible to the public through search engines. Aetna started looking into a security issue affecting...
A ransomware attack on medical supply company Airway Oxygen Inc., in April 2017 may have led to the protected health information of 500,000 individuals being accessed by cyber attackers. No evidence of data access or theft was found by Airway Oxygen, based in Wyoming,...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute