There was a provision included in the Health Information Technology for Economic and Clinical Health (HITECH) Act, passed in 2009, for the Department of Health and Human Services to share a portion of HIPAA settlements with those affected by HIPAA breaches. There has...
Aultman Health Foundation, which operates Aultman Hospital in Canton, OH, is alerting around 42,600 patients that some of their protected health information may have been accessed due to a phishing attack. Unauthorized and unknown people succeeded in obtaining access...
By implementing the Domain-based Message Authentication, Reporting and Conformance (DMARC) Standard, healthcare organizations can identify and restrict email spoofing and abuse of their domains; however, relatively few healthcare groups are using DMARC for spam...
If your organization is governed by some (Business Associates) or all (Covered Entities) of the Privacy Rule, it is necessary to obtain a valid release form for HIPAA compliance before Protected Health Information (PHI) is used or disclosed for a purpose not required...
Associates in Psychiatry and Psychology (APP) a Rochester, Minnesota-based health organization has suffered a ransomware attack that targeted several computers that stored patients’ protected health data. The ransomware attack was identified on March 31, 2018. Patient...
Baltimore-based healthcare provider LifeBridge Health has revealed, in a press release issued on May 16, that it had encountered a data breach. While the release made no reference to number of patients impacted at the time of it being issued, additional information...
A May 17, 2018 ransomware attack that took part of the network belonging to Allied Physicians Group of Michiana out of action following the encryption of several files on its network. At present it remains unclear whether any protected health information encrypted. A...
The protected health information of 2,553 patients of Eye Care Surgery Center, Inc., of Baton Rouge, LA has been stolen following the theft of a A laptop computer containing. The theft in question was noticed by Eye Care Surgery Center on February 26, 2018. While it...
An error has caused a database utilized by Cerebral Palsy Research Foundation of Kansas (CPRF) to have its safeguard switched off for 10 months, making the protected health information (PHI) of 8,300 patients accessible. The demographic database that was affected was...
Capital Digestive Care, a Silver Spring, MD-based gastroenterology group has revealed that one of its business associates shared files to a commercial cloud server that did not have proper security controls, exposing the protected health information of up to 17,639...
Capital Digestive Care, a Silver Spring, MD-based gastroenterology group has revealed that one of its business associates shared files to a commercial cloud server that dd not have appropriate security controls, exposing the protected health information of up to...
A recently-published Black Book Research report shows that approximately 90% of healthcare groups have encountered a data violation since Q3 2016, yet IT security investment at 88% of hospitals remains at 2016 figures. This information is the result of a survey of...
Healthcare groups are, more and more, using the cloud to meet their IT requirements, but while there are many benefits to be had from moving applications, infrastructure and data center operations to the cloud, managing cloud costs remains a major Obstacle. Many...
The U.S. Food and Drug Administration has released an alert regarding certain Abbott Laboratories implantable cardiac devices that have cybersecurity weaknesses that could possibly be targeted to alter the usability of the devices. A number implantable cardiac...
Over a period of three and a half years, 1,071 patients of Des Moines Crisis Observation Center, who received medical services at the operated by Polk County Health Services Inc., have been contacted to advise them that some of their protected health information has...
582,174 patients of the California Department of Developmental Services (DDS) is contacting customers to inform them that their protected health information has possibly been compromised. Last February 11, 2018, some people broke into the DDS legal and audits offices...
It has been discovered that UnityPoint Health employee accounts have been compromised and accessed by unauthorized persons. The employee email accounts were initially accessed on November 1, 2017 and went on for a period of three months until February 7, 2018, when...
It has been discovered that a former employee of Baptist Health’s West Kendall Baptist Hospital in Miami, FL obtained the credit card details of patients and used the data to make fraudulent purchases. The improper use of credit cards was first noticed by Baptist...
Physiatry Group Integrated Rehab Consultants based in Chicago, IL-based is issuing notification letters to impacted patients alerting them of the exposure of some of their protected health information in line with HIPAA requirements. However, the breach was not first...
A improperly configured security setting on a radiology interface has lead to the exposure of tens of thousands of patients’ protected health data. A multi-specialty physicians’ organization based in Middleton, NY, Middletown Medical, first noticed the misconfigured...
Texas Health Resources, a group providing services to over 1.7 million patients in North Texas, is alerting ‘fewer than 4,000 patients’ that a portion of of their sensitive information may have been obtained by an unauthorized person. The data breach may have happened...
It has been discovered that a number of email accounts of staff members of UnityPoint Health have been accessed by unauthorized individuals. Staff email accounts were first accessed on November 1, 2017 and went on for a duration of three months, ending on February 7,...
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has released a new patient guidebook on health record access. The guidebook goes through how patients can access their health data, offers advice for checking health...
Chesapeake Regional Healthcare has found that two hard drives storing the protected health information (PHI) of around 2,100 patients ave gone missing from the Chesapeake Regional Medical Center campus located in Chesapeake, Virginia. The data saved on the devices...
Oregon has reviewed its data breach notification law to enhance protections for state citizens whose personal information is exposed in a data violation. State governor Kate Brown put her signature to Senate Bill (SB 1551) in March, which brings several regulations up...
A recent survey carried out by the Ponemon Institute for ServiceNow has unveiled that healthcare and pharmaceutical companies are not keeping up to date on patching. Weaknesses are not being patched quickly leaving organizations susceptible to attack. The survey was...
Verizon has published its yearly Protected Health Information Breach Report which digs deep into the main factors behind the breaches, why they happen, the motivations of internal and external threat actors, and the main dangers to the confidentiality, integrity, and...
A network of physicians linked to more over that 50 medical practices in New Jersey, Virtua Medical Group, has been hit with a massive financial penalty by the New Jersey Attorney General’s Office for failing to safeguard the privacy of over 1,650 patients whose...
A targeted phishing attack carried out on CareFirst Blue Cross Blue Shield has lead to the exposure of 6,800 plan subscriber’ protected health data. The attack was first discovered by CareFirst on March 12, 2018, resulting in a complete review of their systems, which...
The Special Agents Mutual Benefit Association (SAMBA) health plan is warning almost 14,000 people in relation to a February 2018 protected health information breach. The data breach targeted eligible family members of clients who were covered by the Federal Employees...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute