A recently-published Black Book Research report shows that approximately 90% of healthcare groups have encountered a data violation since Q3 2016, yet IT security investment at 88% of hospitals remains at 2016 figures. This information is the result of a survey of...
Healthcare groups are, more and more, using the cloud to meet their IT requirements, but while there are many benefits to be had from moving applications, infrastructure and data center operations to the cloud, managing cloud costs remains a major Obstacle. Many...
The U.S. Food and Drug Administration has released an alert regarding certain Abbott Laboratories implantable cardiac devices that have cybersecurity weaknesses that could possibly be targeted to alter the usability of the devices. A number implantable cardiac...
Over a period of three and a half years, 1,071 patients of Des Moines Crisis Observation Center, who received medical services at the operated by Polk County Health Services Inc., have been contacted to advise them that some of their protected health information has...
582,174 patients of the California Department of Developmental Services (DDS) is contacting customers to inform them that their protected health information has possibly been compromised. Last February 11, 2018, some people broke into the DDS legal and audits offices...
It has been discovered that UnityPoint Health employee accounts have been compromised and accessed by unauthorized persons. The employee email accounts were initially accessed on November 1, 2017 and went on for a period of three months until February 7, 2018, when...
It has been discovered that a former employee of Baptist Health’s West Kendall Baptist Hospital in Miami, FL obtained the credit card details of patients and used the data to make fraudulent purchases. The improper use of credit cards was first noticed by Baptist...
Physiatry Group Integrated Rehab Consultants based in Chicago, IL-based is issuing notification letters to impacted patients alerting them of the exposure of some of their protected health information in line with HIPAA requirements. However, the breach was not first...
A improperly configured security setting on a radiology interface has lead to the exposure of tens of thousands of patients’ protected health data. A multi-specialty physicians’ organization based in Middleton, NY, Middletown Medical, first noticed the misconfigured...
Texas Health Resources, a group providing services to over 1.7 million patients in North Texas, is alerting ‘fewer than 4,000 patients’ that a portion of of their sensitive information may have been obtained by an unauthorized person. The data breach may have happened...
It has been discovered that a number of email accounts of staff members of UnityPoint Health have been accessed by unauthorized individuals. Staff email accounts were first accessed on November 1, 2017 and went on for a duration of three months, ending on February 7,...
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has released a new patient guidebook on health record access. The guidebook goes through how patients can access their health data, offers advice for checking health...
Chesapeake Regional Healthcare has found that two hard drives storing the protected health information (PHI) of around 2,100 patients ave gone missing from the Chesapeake Regional Medical Center campus located in Chesapeake, Virginia. The data saved on the devices...
Oregon has reviewed its data breach notification law to enhance protections for state citizens whose personal information is exposed in a data violation. State governor Kate Brown put her signature to Senate Bill (SB 1551) in March, which brings several regulations up...
A recent survey carried out by the Ponemon Institute for ServiceNow has unveiled that healthcare and pharmaceutical companies are not keeping up to date on patching. Weaknesses are not being patched quickly leaving organizations susceptible to attack. The survey was...
Verizon has published its yearly Protected Health Information Breach Report which digs deep into the main factors behind the breaches, why they happen, the motivations of internal and external threat actors, and the main dangers to the confidentiality, integrity, and...
A network of physicians linked to more over that 50 medical practices in New Jersey, Virtua Medical Group, has been hit with a massive financial penalty by the New Jersey Attorney General’s Office for failing to safeguard the privacy of over 1,650 patients whose...
A targeted phishing attack carried out on CareFirst Blue Cross Blue Shield has lead to the exposure of 6,800 plan subscriber’ protected health data. The attack was first discovered by CareFirst on March 12, 2018, resulting in a complete review of their systems, which...
The Special Agents Mutual Benefit Association (SAMBA) health plan is warning almost 14,000 people in relation to a February 2018 protected health information breach. The data breach targeted eligible family members of clients who were covered by the Federal Employees...
The Arc of Erie County New York (The Arc), a supplierer of person-centered services to people with developmental disabilities, has found that two spreadsheets holding the protected health information of 3,751 patients were accessible on the Internet with no...
Law enforcement agencies have notified Cambridge Health Alliance (CHA) that the protected health information of some of its subscibers has been obtained by an unauthorized individual. Everett Massachusetts Police Department alerted, on January 31, 2018, CHA that data...
ATI Physical Therapy has found that protected health information of over 35,000 of its clients may have been accessed when hacker captured details within the email accounts of some of its staff members. A security breach was found on January 18, 2018 when ATI Physical...
A New York medical practice has revealed that tens of thousands of their patients have had their protected health information exposed online due to an improperly configured server. It is currently not obvious if anyone other than the security researcher who found the...
It is believed that healthcare data breach that saw the protected health information of clients of CVS Caremark impacted has lead to legal action against CVS, Caremark, and its mailing supplier, Fiserv. The legal action, which was submitted in Ohio federal court on...
Geneva, NY-based Finger Lakes Health has been hit by a ransomware attack that has impacted its computer system. Employees have been forced to work on pen and paper while the health system tries to remove the malware and restore access to electronic data. The...
A Clinical Pathology Laboratories Southeast, Inc., (CPLSE) employee's unencrypted work laptop computer has been stolen, exposing the protected health information of targeted patients and their payment guarantors. Swift action was taken by CPLSE to stop the laptop from...
Anomali has teamed up with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be supplying threat intelligence to healthcare groups through NH-ISAC. Anomali will be supplying NH-ISAC with the necessary tools and infrastructure to allow its...
RoxSan Pharmacy has made contact with 1,049 patients to advise them that some of their protected health information has been shared with to a business associate via unencrypted email. The notification letters were issued to affected people last month, although the...
Primary Health Care Inc., a non-profit network of community health oganizations based in Des Moines, Marshalltown and Ames, IA, has found that malicious actors have obtained access to the email accounts of four staff members and have possibly viewed or gained...
The Alabama Data Breach Notification Act (Senate Bill 318) has progressed to be considered by the House of Representatives after being unanimously agreed upon by the Alabama Senate recently. Alabama is one of the final two states that still has to bring in laws which...
Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.
Used in 1000+ Healthcare Organizations and 100+ Universities
Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.
Kevin DeLoach
Chief Operating Officer
J. Flowers Health Institute