EHR, Meaningful use, ICD-10, Electronic Health Records

Data Breaches News

Children’s National Health Data Breach Leads to Lawsuit

July 29, 2015 - Children’s National Health System is facing a class-action lawsuit following a health data breach where 18,000 patients potentially had their information compromised. The incident took place toward the end of 2014, and occurred when Children’s National employees fell victim to a phishing scam. Fardoes Khan was one of the patients who received a data breach notification from Children’s...


Articles

Is Health Data Security Improved or Hindered with CISOs?

Chief Information Security Officers (CISOs) are often thought of as having a critical role in a healthcare organization’s health data security measures. However, if a recent survey is any indication, not everyone else in the C-suite necessarily...

UCLA Faces Lawsuit After Health Data Breach

UCLA Health System is facing a class action case in California federal court, following a health data breach that potentially affected 4.5 million patients, according to Law360. The plaintiff, Michael Allen, argues that UCLA Health was negligent...

How Are Spear Phishing and Cyber Threats Impacting Pharma?

Spear phishing is becoming an increasingly important issue in the healthcare industry. Cyber criminals have evolved their approach, and are even beginning to target high-ranking healthcare professionals in attempts to gain access to sensitive...

VA Q2 Report Shows Increase in Data Breach Notification

The Department of Veteran’s Affairs (VA) released its Q2 report to Congress and is seeing a 12.2 percent increase in the number of data breach notification letters being sent out to veterans. In the Q2 report, the VA reported a total of...

New Healthcare Identity Protection Services for BCBS Customers

The Blue Cross Blue Shield Association announced earlier this week that its customers will have access to new healthcare identity protection services starting January 1, 2016. The new services will be available on an opt-in basis, and members...

Health Data Breaches Lead to Lawsuits for Florida Hospital

Florida Hospital suffered from two health data breaches over the last four years, and is now facing potential class action lawsuits. The first health data breach occurred when Florida Hospital employees Dale Munroe and Katrina Munroe were accused...

State Data Breach Notification Laws Critical, Say State AGs

It is essential that a federal data breach notification law does not preempt state laws, according to the National Association of Attorneys General (NAAG). The group wrote a letter to Congress this week, explaining that as many current state...

Conn. Governor Signs Data Breach Security Bill into Law

Connecticut officially changed its data breach security notification process, as Governor Dannell Malloy signed a proposed bill into law earlier this week. S.B. 949 was designed in an effort to create greater assurances around data security for...

Federal Agencies Need Better Cybersecurity Measures, Says GAO

Improving cybersecurity measures is just one of several areas that federal agencies need to work on in light of recent data breaches, according to a recent report from the Government Accountability Office (GAO). Other areas that federal agencies...

VA Sees 51% Decrease in PHI Incidents for May

After a less than ideal April in terms of PHI incidents, the Department of Veterans Affairs (VA) reported that it had a 51 percent decrease in that type of data breach in May. The VA’s May report sent to Congress showed that PHI incidents...

WEDI Healthcare Cybersecurity Primer Calls For Culture Change

The Workgroup for Electronic Data Interchange (WEDI) released a healthcare cybersecurity primer designed to help healthcare organizations better defend themselves against cyber attacks. The Perspectives on Cybersecurity in Healthcare report highlights...

Conn. Data Breach Security Bill Moves Forward

Connecticut Governor Dannel Malloy is expected to sign a data breach security bill into law that would grant greater protections to consumers. Senate Bill 949, An Act Improving Data Security and Agency Effectiveness, was unanimously passed by...

UPMC Health Data Breach Lawsuit Dismissed

A Pennsylvania judge dismissed the health data breach lawsuit that had been filed against the University of Pittsburgh Medical Center (UPMC) last year. Former UPMC employees filed the lawsuit after a data breach compromised the information of...

Healthcare Data Breaches Have Highest Cost, Says Ponemon

Healthcare data breaches average the highest cost per stolen record, with organizations reaching as high as $363, according to Ponemon’s annual Cost of Data Breach Study: Global Analysis, sponsored by IBM. For the US specifically,...

Medical Management Data Breach Impacting Multiple States

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

North Dakota Data Breach Notification Law Amended

Data breach notification laws continue to be implemented and amended across the country, as North Dakota becomes the latest state to clarify its regulations on privacy and security. North Dakota Governor Jack Dalrymple recently signed SB 2214...

Medical Info. Included in Nevada Data Breach Notification Law

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

What Happens When a Healthcare Cyber Policy is Broken?

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Which States Have a Data Breach Notification Law?

Data breach notification is essential for organizations of all sizes, and those in the healthcare industry are no exception. In fact, the HIPAA  breach notification rule requires that covered entities and their business associates notify...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks