A recently-published Black Book Research report shows that approximately 90% of healthcare groups have encountered a data violation since Q3 2016, yet IT security investment at 88% of hospitals remains at 2016 figures. This information is the result of a survey of...
AWS Costs Reduced by 60% by Tristar Medical Group
Healthcare groups are, more and more, using the cloud to meet their IT requirements, but while there are many benefits to be had from moving applications, infrastructure and data center operations to the cloud, managing cloud costs remains a major Obstacle. Many...
Abbot Laboratories Defibrillator Flaws Alert Issued by FDA
The U.S. Food and Drug Administration has released an alert regarding certain Abbott Laboratories implantable cardiac devices that have cybersecurity weaknesses that could possibly be targeted to alter the usability of the devices. A number implantable cardiac...
1,000 Patients of es Moines Crisis Observation Center have PHI Exposed
Over a period of three and a half years, 1,071 patients of Des Moines Crisis Observation Center, who received medical services at the operated by Polk County Health Services Inc., have been contacted to advise them that some of their protected health information has...
Potential PHI Compromise May Have Impacted 582,000 Patients of California Dept. of Developmental Services
582,174 patients of the California Department of Developmental Services (DDS) is contacting customers to inform them that their protected health information has possibly been compromised. Last February 11, 2018, some people broke into the DDS legal and audits offices...
UnityPoint Health Phishing Attack Compromises Several Employee Email Accounts
It has been discovered that UnityPoint Health employee accounts have been compromised and accessed by unauthorized persons. The employee email accounts were initially accessed on November 1, 2017 and went on for a period of three months until February 7, 2018, when...
Baptist Health Notifies Almost 1,500 Patients That Credit Card Details May Have Been Accessed
It has been discovered that a former employee of Baptist Health’s West Kendall Baptist Hospital in Miami, FL obtained the credit card details of patients and used the data to make fraudulent purchases. The improper use of credit cards was first noticed by Baptist...
Integrated Rehab Consultants Patients Not Made Aware of PHI Breach for 18 Months
Physiatry Group Integrated Rehab Consultants based in Chicago, IL-based is issuing notification letters to impacted patients alerting them of the exposure of some of their protected health information in line with HIPAA requirements. However, the breach was not first...
Middletown Medical Data Breach Impacts 63,500 Patients
A improperly configured security setting on a radiology interface has lead to the exposure of tens of thousands of patients’ protected health data. A multi-specialty physicians’ organization based in Middleton, NY, Middletown Medical, first noticed the misconfigured...
4,000 Patients Notified of Texas Health Resources Email Account Breach
Texas Health Resources, a group providing services to over 1.7 million patients in North Texas, is alerting ‘fewer than 4,000 patients’ that a portion of of their sensitive information may have been obtained by an unauthorized person. The data breach may have happened...
UnityPoint Health Phishing Attack Impacts Several Staff Email Accounts
It has been discovered that a number of email accounts of staff members of UnityPoint Health have been accessed by unauthorized individuals. Staff email accounts were first accessed on November 1, 2017 and went on for a duration of three months, ending on February 7,...
ONC Publishes Patient Guidebook on Health Record Access
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has released a new patient guidebook on health record access. The guidebook goes through how patients can access their health data, offers advice for checking health...
2,100 Chesapeake Regional Healthcare Patients PHI Breached in Hard Drives Theft
Chesapeake Regional Healthcare has found that two hard drives storing the protected health information (PHI) of around 2,100 patients ave gone missing from the Chesapeake Regional Medical Center campus located in Chesapeake, Virginia. The data saved on the devices...
Data Breach Notification and Information Security Laws Refreshed in Oregon
Oregon has reviewed its data breach notification law to enhance protections for state citizens whose personal information is exposed in a data violation. State governor Kate Brown put her signature to Senate Bill (SB 1551) in March, which brings several regulations up...
Poor Patching Practices in Healthcare Revealed on Ponemon Institute Study
A recent survey carried out by the Ponemon Institute for ServiceNow has unveiled that healthcare and pharmaceutical companies are not keeping up to date on patching. Weaknesses are not being patched quickly leaving organizations susceptible to attack. The survey was...
Major Problem with Insider Breaches Proving a Serious Issue in Healthcare Sector: Verizon Report
Verizon has published its yearly Protected Health Information Breach Report which digs deep into the main factors behind the breaches, why they happen, the motivations of internal and external threat actors, and the main dangers to the confidentiality, integrity, and...
$418,000 Fine for Virtua Medical Group for Violations of HIPAA and New Jersey Law
A network of physicians linked to more over that 50 medical practices in New Jersey, Virtua Medical Group, has been hit with a massive financial penalty by the New Jersey Attorney General’s Office for failing to safeguard the privacy of over 1,650 patients whose...
Phishing Attack at CareFirst BCBS Impacts 6,800 Members
A targeted phishing attack carried out on CareFirst Blue Cross Blue Shield has lead to the exposure of 6,800 plan subscriber’ protected health data. The attack was first discovered by CareFirst on March 12, 2018, resulting in a complete review of their systems, which...
Family Members of 14,000 Subscribers Impacted by Data Breach
The Special Agents Mutual Benefit Association (SAMBA) health plan is warning almost 14,000 people in relation to a February 2018 protected health information breach. The data breach targeted eligible family members of clients who were covered by the Federal Employees...
3,751 Patients’ of Arc of Erie County New York have PHI Exposed
The Arc of Erie County New York (The Arc), a supplierer of person-centered services to people with developmental disabilities, has found that two spreadsheets holding the protected health information of 3,751 patients were accessible on the Internet with no...
Cambridge Health Alliance Suffers PHI Breach
Law enforcement agencies have notified Cambridge Health Alliance (CHA) that the protected health information of some of its subscibers has been obtained by an unauthorized individual. Everett Massachusetts Police Department alerted, on January 31, 2018, CHA that data...
35,000 Patients Affected by ATI Physical Therapy Data Breach
ATI Physical Therapy has found that protected health information of over 35,000 of its clients may have been accessed when hacker captured details within the email accounts of some of its staff members. A security breach was found on January 18, 2018 when ATI Physical...
42,000 Patients’ PHI Violated due to Server Misconfiguration
A New York medical practice has revealed that tens of thousands of their patients have had their protected health information exposed online due to an improperly configured server. It is currently not obvious if anyone other than the security researcher who found the...
Victims of CVS Caremark Data Breach Pursuing Class Action Lawsuit
It is believed that healthcare data breach that saw the protected health information of clients of CVS Caremark impacted has lead to legal action against CVS, Caremark, and its mailing supplier, Fiserv. The legal action, which was submitted in Ohio federal court on...
Finger Lakes Health hit by ransomware attack
Geneva, NY-based Finger Lakes Health has been hit by a ransomware attack that has impacted its computer system. Employees have been forced to work on pen and paper while the health system tries to remove the malware and restore access to electronic data. The...
Pathology Lab Patients’ PHI Exposed Following Theft of Unencrypted Laptop
A Clinical Pathology Laboratories Southeast, Inc., (CPLSE) employee's unencrypted work laptop computer has been stolen, exposing the protected health information of targeted patients and their payment guarantors. Swift action was taken by CPLSE to stop the laptop from...
Threat Detection and Information Sharing in Healthcare Strengthened by NH-ISAC Partnership with Anomali
Anomali has teamed up with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be supplying threat intelligence to healthcare groups through NH-ISAC. Anomali will be supplying NH-ISAC with the necessary tools and infrastructure to allow its...
2015 Email Breach may Have affected 1,049 Patients at RoxSan Pharmacy
RoxSan Pharmacy has made contact with 1,049 patients to advise them that some of their protected health information has been shared with to a business associate via unencrypted email. The notification letters were issued to affected people last month, although the...
Primary Health Care Reports Unauthorized Access to Multiple Email Accounts
Primary Health Care Inc., a non-profit network of community health oganizations based in Des Moines, Marshalltown and Ames, IA, has found that malicious actors have obtained access to the email accounts of four staff members and have possibly viewed or gained...
Alabama State Senate Passes Data Breach Notification Act
The Alabama Data Breach Notification Act (Senate Bill 318) has progressed to be considered by the House of Representatives after being unanimously agreed upon by the Alabama Senate recently. Alabama is one of the final two states that still has to bring in laws which...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
COMPREHENSIVE HIPAA TRAINING
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute