After what is believed to have been inappropriate accessing of patient health records by staff members, Washington Health System has decided to suspend several staff members while the privacy breach is reviewed. While it has not been revealed how many staff members...
New guidance for HIPAA-covered bodies to streamline HIPAA authorizations for uses of protected health information for research purposes has been released by the Department of Health and Human Services’ Office for Civil Rights , as required by the 21st Century Cures...
The results of a HIMSS survey has revealed that medical device security is a strategic focus for most healthcare groups, yet fewer than 50% of healthcare providers have an approved budget for addressing security weaknesses in medical devices. For the survey, HIMSS...
A phishing attack has been experienced by the Florida Agency for Persons with Disabilities (FAPD), which provides support services for people with disabilities such as autism, cerebral palsy, spina bifida, and Downs syndrome. The phishing attack took place on April...
A former member of staff at the Veteran Affairs Medical Center located in Long Beach, CA who illegally stole the protected health information (PHI) of over 1,000 patients has been given a three-year jail sentence. Albert Torres, 51, was working as a clerk in the Long...
Two HIPAA-covered organizations are making their patients aware that some of their protected health information (PHI) has been stolen by unauthorized individuals in recent times. PHI Stolen from Staff Member of Christus Spohn Hospitals The protected health information...
HealthEquity Inc. has been hit by a phishing attack leading to the exposure of members’ protected health information. The data breach was restricted to one email account, although a review of the messages in the account showed a range of PHI was potentially stolen by...
A staff member at Phoenix-based Terros Health was tricked by a phishing scam and mistakenly handed over login credentials to the hacker. That person accessed the employee’s email account and may have viewed or obtained a range of protected health information listed in...
The results of a recent survey conducted by Black Book Research show that 90% of hospitals and 94% of physicians have implemented mobile technology and believe that it is helping to enhance patient safety and outcomes, . The survey was carried out on 770...
3,700 plan members of Rise Wisconsin are being warned that some of their protected health information may have been obtained by unauthorized people during a recent ransomware attack. It is estimated that the ransomware was placed on on its IT systems around April 8,...
A nurse who shared patient data with her new employer has been suspended for 12 months by the New York State Education Department, while her former employer has been fined $15,000 for the breach of Protected Health Information. In April 2015, Martha C. Smith-Lightfoot...
Aetna have launched fresh attempts to recover some of the expenses they incurred in the ongoing legal battles in relation to a 2017 privacy breach involving the exposure of patients’ sensitive health information. A new lawsuit has been submitted by the insurance...
An official advisory over weaknesses impacting certain Phillips IntelliVue Patient and Avalon Fetal monitors has been released by the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Three weaknesses have been...
A new application programming interface (API) for developers that will allow them to develop health apps that include patients’ EHR data has been launched by Apple. Users who share their EHR data into the Apple Health Records app will be able to distribute the data...
A former member of staff from Mosaic Life Care Medical Center in St. Joseph, MO has filed legal action over wrongful dismissal and retaliation for her taking measures to avoid a breach of the False Claims Act. Debra Conrad, aged 57, claims she was wrongfully sacked...
In Colorado bill HB 1128 has been signed into law by Governor John Hickenlooper. This bill enhances security for consumer data in the state of Colorado. The bipartisan bill, sponsored by Reps. Cole Wist (R) and Jeff Bridges (D) and Sens. Kent Lambert (R) and Lois...
A number of different data breaches and violations of HIPAA Rules have been discovered by Dignity Health in the past few weeks. One incident involved a staff member accessing the PHI of patients without official permission, a mistake occurred that allowed a business...
Purdue University have been discovered two security breaches that may have lead to unauthorized people obtaining access to the protected health information of patients. During April Purdue University’s security team identified a file on computers used by Purdue...
Boston-based Steward Healthcare System fired a psychiatrist for breaching HIPAA Rules but must now show evidence to jury that he did so. The psychiatrist, Dr. Alexander Lipin, argues he was relieved of his position due to his taking extended disability leave, not for...
There was a provision included in the Health Information Technology for Economic and Clinical Health (HITECH) Act, passed in 2009, for the Department of Health and Human Services to share a portion of HIPAA settlements with those affected by HIPAA breaches. There has...
Aultman Health Foundation, which operates Aultman Hospital in Canton, OH, is alerting around 42,600 patients that some of their protected health information may have been accessed due to a phishing attack. Unauthorized and unknown people succeeded in obtaining access...
By implementing the Domain-based Message Authentication, Reporting and Conformance (DMARC) Standard, healthcare organizations can identify and restrict email spoofing and abuse of their domains; however, relatively few healthcare groups are using DMARC for spam...
If your organization is governed by some (Business Associates) or all (Covered Entities) of the Privacy Rule, it is necessary to obtain a valid release form for HIPAA compliance before Protected Health Information (PHI) is used or disclosed for a purpose not required...
Associates in Psychiatry and Psychology (APP) a Rochester, Minnesota-based health organization has suffered a ransomware attack that targeted several computers that stored patients’ protected health data. The ransomware attack was identified on March 31, 2018. Patient...
Baltimore-based healthcare provider LifeBridge Health has revealed, in a press release issued on May 16, that it had encountered a data breach. While the release made no reference to number of patients impacted at the time of it being issued, additional information...
A May 17, 2018 ransomware attack that took part of the network belonging to Allied Physicians Group of Michiana out of action following the encryption of several files on its network. At present it remains unclear whether any protected health information encrypted. A...
The protected health information of 2,553 patients of Eye Care Surgery Center, Inc., of Baton Rouge, LA has been stolen following the theft of a A laptop computer containing. The theft in question was noticed by Eye Care Surgery Center on February 26, 2018. While it...
An error has caused a database utilized by Cerebral Palsy Research Foundation of Kansas (CPRF) to have its safeguard switched off for 10 months, making the protected health information (PHI) of 8,300 patients accessible. The demographic database that was affected was...
Capital Digestive Care, a Silver Spring, MD-based gastroenterology group has revealed that one of its business associates shared files to a commercial cloud server that did not have proper security controls, exposing the protected health information of up to 17,639...
Capital Digestive Care, a Silver Spring, MD-based gastroenterology group has revealed that one of its business associates shared files to a commercial cloud server that dd not have appropriate security controls, exposing the protected health information of up to...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute