AK-based billing company, Golden Heart Administrative Professionals, a Fairbanks is alerting 44,600 people that some of their protected health information has potentially been obtained by unauthorized people due a recent ransomware attack. The ransomware was placed on...
Billings Clinic Worker has Email Account Hacked while Overseas
An employee's email account, that contained the protected health information of approximately 8,400 patients of Billings Clinic in Billings, MT has been illegally accessed. The breach was discovered by the clinic’s cybersecurity systems on May 14, 2018, with unusual...
Ransomware Attack Shuts down Cass Regional Medical Center EHR Temporarily
Cass Regional Medical Center in Harrisonville, MO suffered a ransomware attack at Around 11am on Monday July 9 that impacted its communication system and stopped staff from logging onto its electronic medical record (EHR) system. The clinic had measures in place for...
Potential Theft of 4,500 Patients’ PHI BY Former Arkansas Children’s Hospital Employee Being Reviewed
A former staff member of Arkansas Children’s Hospital is being investigated by law authorities in relation to the theft and misuse of patients’ protected health information. The breach notice submitted to the Department of Health and Human Services’ Office for Civil...
Age Discrimination Case Over HIPAA Violation: Federal Court Rules in Favor of Main Line Health
In 2016, Radnor, PA-based Main Line Health Inc., fired a member of staff for breaching Health Insurance Portability and Accountability Act (HIPAA) Rules by viewing the personal records of a co-worker without authorization on two different occasions. In such instances,...
Manitowoc County Phishing Attack Leads to PHI Theft
Manitowoc County in Wisconsin has revealed that protected health information has been illegally obtained due to a successful phishing attack. The incident happened close to January 14, 2018, although the attack and data breach was not identified until April 24. While...
Humana Reports Cyber Spoofing Attack
Humana is contacting members across the US to notify them that their PHI may have been been accessed during a ‘sophisticated’ spoofing campaign. A spoofing attack refers to a concerted effort by a threat actor or bot to gain access to a system or data using illegally...
PHI Breach Impacting 1,254 Patients Reported by Associated Dermatology & Skin Cancer Clinic of Helena
In the past few days, Associated Dermatology & Skin Cancer Clinic of Helena, MT, has reported a breach of physical protected health information (PHI) that may have impacted up to 1,254 patients. A journal managed by an employee of Associate Dermatology was taken...
Med Associates Hacking Incident Impacts up to 270,000 Patients
Med Associates the health billing company, located in Latham, NY-based, which provides claims services to over 70 healthcare providers, has found that an employee’s computer has been logged onto by an unauthorized individual. It is possible that the hacker obtained to...
Vulnerabilities Discovered in Natus Xltek NeuroWorks Software Leads to Official Warnings
ICS-CERT has released a warning after identifying eight vulnerabilities in version 8 of Natus Xltek NeuroWorks software implemented in Natus Xltek EEG medical products. If the weaknesses are successfully exploited they could allow a hacker to crash a vulnerable device...
Several Employees of Washington Health System Suspended for HIPAA Breaches
After what is believed to have been inappropriate accessing of patient health records by staff members, Washington Health System has decided to suspend several staff members while the privacy breach is reviewed. While it has not been revealed how many staff members...
Individual Authorization of Uses and Disclosures of PHI for Research Guidance Issued by OCR
New guidance for HIPAA-covered bodies to streamline HIPAA authorizations for uses of protected health information for research purposes has been released by the Department of Health and Human Services’ Office for Civil Rights , as required by the 21st Century Cures...
HIMSS Survey Reveals Concerns in Relation to Mobile Device Security
The results of a HIMSS survey has revealed that medical device security is a strategic focus for most healthcare groups, yet fewer than 50% of healthcare providers have an approved budget for addressing security weaknesses in medical devices. For the survey, HIMSS...
Florida Agency for Persons with Disabilities Hit by Phishing Attack Reported by
A phishing attack has been experienced by the Florida Agency for Persons with Disabilities (FAPD), which provides support services for people with disabilities such as autism, cerebral palsy, spina bifida, and Downs syndrome. The phishing attack took place on April...
Consequences of Veteran Affairs and Sutter Health HIPAA Breaches Revealed
A former member of staff at the Veteran Affairs Medical Center located in Long Beach, CA who illegally stole the protected health information (PHI) of over 1,000 patients has been given a three-year jail sentence. Albert Torres, 51, was working as a clerk in the Long...
Patients PHI Exposed in Two Separate HIPAA Breaches
Two HIPAA-covered organizations are making their patients aware that some of their protected health information (PHI) has been stolen by unauthorized individuals in recent times. PHI Stolen from Staff Member of Christus Spohn Hospitals The protected health information...
HealthEquity Phishing Attack Exposes PHI
HealthEquity Inc. has been hit by a phishing attack leading to the exposure of members’ protected health information. The data breach was restricted to one email account, although a review of the messages in the account showed a range of PHI was potentially stolen by...
Terros Health Phishing Attack Impacts up to 1,600 Patients
A staff member at Phoenix-based Terros Health was tricked by a phishing scam and mistakenly handed over login credentials to the hacker. That person accessed the employee’s email account and may have viewed or obtained a range of protected health information listed in...
Black Book Research Survey Indicates that Mobile Technology is Improving Patient Safety
The results of a recent survey conducted by Black Book Research show that 90% of hospitals and 94% of physicians have implemented mobile technology and believe that it is helping to enhance patient safety and outcomes, . The survey was carried out on 770...
Ransomware Attack May Have Affected up to 3,700 Rise Wisconsin Plan Participants
3,700 plan members of Rise Wisconsin are being warned that some of their protected health information may have been obtained by unauthorized people during a recent ransomware attack. It is estimated that the ransomware was placed on on its IT systems around April 8,...
Nurse Who Shared Patient Data with New Employer gets 1-Year Suspension
A nurse practitioner who breached the privacy of patients by sharing their contact information with her new employer has been suspended for 12 months by the New York State Education Department. In April 2015, Martha C. Smith-Lightfoot obtaine a spreadsheet containing...
Aetna Maintains Efforts to Recoup 2017 HIV Status Privacy Breach Costs
Aetna have launched fresh attempts to recover some of the expenses they incurred in the ongoing legal battles in relation to a 2017 privacy breach involving the exposure of patients’ sensitive health information. A new lawsuit has been submitted by the insurance...
Phillips IntelliVue Patient and Avalon Fetal Monitors Weakness Warning Issued
An official advisory over weaknesses impacting certain Phillips IntelliVue Patient and Avalon Fetal monitors has been released by the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Three weaknesses have been...
API for Developers for EHR Data Use in Care Management Apps Launched by Apple
A new application programming interface (API) for developers that will allow them to develop health apps that include patients’ EHR data has been launched by Apple. Users who share their EHR data into the Apple Health Records app will be able to distribute the data...
Legal Action Taken over Dismissal of Mosaic Life Care Medical Center Employee
A former member of staff from Mosaic Life Care Medical Center in St. Joseph, MO has filed legal action over wrongful dismissal and retaliation for her taking measures to avoid a breach of the False Claims Act. Debra Conrad, aged 57, claims she was wrongfully sacked...
Colorado Governor Signs Data Protection Bill into Law
In Colorado bill HB 1128 has been signed into law by Governor John Hickenlooper. This bill enhances security for consumer data in the state of Colorado. The bipartisan bill, sponsored by Reps. Cole Wist (R) and Jeff Bridges (D) and Sens. Kent Lambert (R) and Lois...
Dignity Health Report Multiple Data Breaches
A number of different data breaches and violations of HIPAA Rules have been discovered by Dignity Health in the past few weeks. One incident involved a staff member accessing the PHI of patients without official permission, a mistake occurred that allowed a business...
PHI-Exposing Data Security Incidents Discovered by Purdue University
Purdue University have been discovered two security breaches that may have lead to unauthorized people obtaining access to the protected health information of patients. During April Purdue University’s security team identified a file on computers used by Purdue...
Psychiatrist ‘Sacked for a HIPAA Violation’ Take Legal Action Against Former Employers
Boston-based Steward Healthcare System fired a psychiatrist for breaching HIPAA Rules but must now show evidence to jury that he did so. The psychiatrist, Dr. Alexander Lipin, argues he was relieved of his position due to his taking extended disability leave, not for...
HIPAA Violation Settlements May Be Shared with Breach Victims Following OCR Plans
There was a provision included in the Health Information Technology for Economic and Clinical Health (HITECH) Act, passed in 2009, for the Department of Health and Human Services to share a portion of HIPAA settlements with those affected by HIPAA breaches. There has...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
COMPREHENSIVE HIPAA TRAINING
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute