Vancouver, Washington, based Southwest Washington Regional Surgery Center has been hit by a phishing attack that has lead to the exposure of 2,393 patients’ protected health information. The breach was restricted to a single staff email account and no proof was found...
Inova Health System Leads to Billing Records of 12,331 Patients Being Compromised
Virginia based Inova Health System has started to contact 12,331 patients to advise them that some of their protected health information has been obtained by an unauthorized person. Law enforcement contacted Inova Health System on September 5, 2018 in relation to a...
Syracuse Hospital Records of 1216 Individuals Impacted in HIPAA Breach
Upstate University Hospital in Syracuse, NY, is getting in touch with 1,216 patients to advise them that some of their protected health information (PHI) has been impermissibly accessed by a former member of staff. Upstate University Hospital first identified the...
Reports: Ransomware Attacks Rise as Healthcare Sector is Heaviest Hit
According to the most recent Beazley’s Q3 Breach Insights Report, Cyber Criminal campaigns attacks are increasing once again and healthcare is the most targeted sector. Ransomware attacks on healthcare groups comprised 37% of those managed by Beazley Breach Response...
PHI of 10,000 Patients of Raley’s Pharmacy Possibly Impacted in Laptop Theft
Around 10,000 patients of Raley’s Pharmacy are being contacted to inform them that some of their protected health information (PHI) has potentially been impacted in a data breach. On September 24, 2018, a laptop computer was taken from a Raley’s pharmacy that may have...
Sioux City Eye Clinic Suffers Data Breach Potentially Impacting 40,000 Individuals
Jones Eye Clinic and its affiliated surgery center, CJ Elmwood Partners, L.P, in Sioux City, IA has revealed that the protected health information of up to 40,000 of its patients may have been compromised.The private data breach occurred following a ransomware attack...
Mailing Error Leads to Michigan Medicine Alerting 3,600 Patients of PHI Disclosure
Michigan Medicine is contacting over 3,600 patients to make them aware of an impermissible disclosure of a restricted amount of their protected health information. In early September 2018, the Michigan Medicine Development Office initiated a fundraising campaign that...
Medtronic Implantable Cardiac Device Programmers Subjected to FDA Issues Warning Regarding Flaws
The U.S. Food and Drug Administration (FDA) has released a warning about flaws in certain Medtronic implantable cardiac device programmers which could possibly be targeted by hackers to alter the functionality of the programmer during implantation or follow up visits....
Envision Healthcare Corporation and Biomarin Pharmaceutical Have Email Accounts Compromised
Biomarin Pharmaceutical, based in Novato, CA-based has discovered two staff email accounts have been compromised due to a phishing attack in which a non-permanent employee’s login details were obtained by the hacker. The attack was noticed on June 21, 2018 and swift...
21,000 Patients of Minnesota DHS Notified That Their PHI Has Potentially Been Compromised
Letters have been mailed to approximately 21,000 individuals on medical assistance by the Minnesota Department of Human Services to alert them of a potential breach of their protected health information (PHI) due to two phishing campaigns which took place recently....
Cybersecurity Activities Awareness Highlighted in New HHS OIG Web Page
The Department of Health and Human Services’ Office of Inspector General (HHS OIG) is highlighting awareness of the measures it implements to address cyberthreats within the HHS and the healthcare sector as a whole and is implementing measure to raise transparency of...
PHI Breach Lawsuit Regarding California HIV Patient Will Go Ahead
A data breach, that saw the highly sensitive protected health information of 93 lower-income HIV positive individuals stolen by unauthorized individuals, will go to trial after a lawsuit submitted by Lambda Legal on behalf of a victim survived a motion to dismiss....
Several Employees of Claxton-Hepburn Medical Center Sacked due to Inappropriate PHI Access
A not-for-profit 115-bed community hospital in Ogdensburg, NY, Claxton-Hepburn Medical Center has sacked several employees for accessing patient health records without official permission.The PHI breaches were identified during an internal review. It is not yet...
Uber Settles Data Breach by Paying $148m
Uber, the peer-to-peer ridesharing, taxi cab, food delivery, bicycle-sharing and transportation network company has settled a fine in relation to a 2016 cyber-attack that exposed data from 57 million customers and drivers for $148m. The payment in question settles the...
Blue Cross and Blue Shield of Rhode Island Privacy Breach Caused by External Mailing Vendor
Blue Cross and Blue Shield of Rhode Island (BCBSRI) is contacting 1,567 plan subscribers that a portion of their protected health information has been impermissibly made accessible by one of its business partners. A BCBSRI vendor was hired to issue explanation of...
Brooklyn’s Kings County Hospital Employee Accused of Stealing and Selling Patients’ PHI
A former staff member of the emergency department of Brooklyn’s Kings County Hospital is accused of stealing the protected health information of at least 100 patients while employed there. The same person is accused of sharing this information to another individual...
Ransomware Attack Hits Fetal Diagnostic Institute of the Pacific
Honolulu-based Fetal Diagnostic Institute of the Pacific (FDIP) was hit by a ransomware attack on June 30 this year. File-encrypting software was uploaded to an FDIP server and encrypted a wide range of file types some of which were patient medical records. FDIP...
Phishing Attack Impacts 21,000 Reliable Respiratory Patients
Reliable Respiratory, a Norwood, MA-based respiratory care organisation has been subjected to a phishing attack that has impacted several thousand of its clients. A cyberattack was first noticed on July 3, 2018, after the detection of unusual activity in an staff...
New Mexico Hospital Medical Records Found Scattered in Public
The New Mexico Department of Health is trying to ascertain how the private medical records of some of its clients came to fall from a truck while being taken from the hospital to a secure storage center. The records originated at Turquoise Lodge Hospital, a...
19,570 Missouri Care Members’ PHI Exposed in Mailing Error
A mailing mistake that was sent to Missouri Care subscribers reminding them to reserve well-child visits has resulted in the accidental disclosure of the personal data of approximately 20,000 children to other Missouri Care subscribers. The personal information...
1,790 Patients Impacted by Phishing Attack on Los Angeles Drug and Alcohol Treatment Center
Authentic Recovery Center, a West Los Angeles-based drug and alcohol treatment center, is contacting 1,790 clients to inform them that some of their personally identifiable information (PII) and protected health information (PHI) may have been stolen by an...
Cybersecurity Insurance Not Implemented by 30% of Healthcare Organizations
A survey carried out by Ovum for analytics firm FICO has pointed to the fact that there has been a sharp rise in companies signing up for cybersecurity insurance, but the healthcare sector in general has been slow to follow this trend. In 2017 when the previous survey...
Ransomware Attack Possibly Leads to PHI Access at Central Colorado Dermatology
Central Colorado Dermatology (CCD) has made contact with over 4,000 clients that some of their protected health information (PHI) has possibly been obtained by cyber criminals during a ransomware attack on its IT systems. An unauthorized person obtained access to...
Email Account Hacked Discovered at InterAct of Michigan
InterAct of Michigan, a provider of mental health and substance abuse treatments through health centers in Kalamazoo and Grand Rapids, has found an unauthorized person has obtained access to the email account of a staff member and may have viewed and copied the...
Adams County Government Data Breach May Have Affected Over 258,000 Wisconsin Residents
Over 258,000 people have had their personal health information, personal identification information and/or tax information accessible online due to a data security incident in Adams County, Wisconsin. A possible security breach was discovered on March 28, 2018 after...
13,034 Patients Affected by MedSpring Urgent Care Breach
A group of urgent care clinics in Atlanta, Chicago, Austin, Dallas, Fort Worth, and Houston, MedSpring Urgent Care has identified a breach that occurred when an unauthorized individual has gained access to an email account due to an employee being tricked by a...
Three Hundred Thousand SSM Health Patients Have Protected Health Information Exposed
Jefferson City, Missouri based SSM Health St. Mary’s Hospital is contacting hundreds of thousands of patients to warn them that some of their protected health information has been left unprotected and may have have been accessed by unauthorized parties. On November...
UnityPoint Health Phishing Attack May Have Impacted 1.4 Million Patients
A huge UnityPoint Health phishing attack has been reported to the HHS’ Office for Civil Rights (OCR) , one in which the protected health information of up to 1.4 million patients could have been obtained by cyber criminals. So far, this phishing incident is the...
Business Associate Error Leads to 19,000-Record Breach at Orlando Orthopaedic Center
A mistake has resulted in the exposure of more than 19,000 patients’ protected health information (PHI) took place during a software upgrade on a server owned by a transcription service provider. Patients impacted by the breach had attended Orlando Orthopaedic Center...
$150,000 Settlement Proposed by Flowers Hospital for 2014 Data Breach
A class action lawsuit submitted after a staff-member related data breach at Flowers Hospital in Dothan, Alabama in 2014 is likely to be settled. The settlement is awaiting final court approval, although approval seems imminent and a resolution to this four-year legal...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
COMPREHENSIVE HIPAA TRAINING
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute