Protected Health Information

Quest Diagnostics Settles Unlawful PHI Disposal Allegations For $5M

February 21, 2024 - Quest Diagnostics reached a $5 million settlement to resolve allegations that the company illegally disposed of hazardous waste, medical waste, and protected health information (PHI) at its California facilities, California Attorney General Rob Bonta announced. In addition to the $5 million, Quest will be required to make significant changes to its...


More Articles

HHS Settles HIPAA Investigation With St. Joseph’s Over PHI Disclosure to Media

by Jill McKeon

The HHS Office for Civil Rights (OCR) completed a HIPAA investigation into New York-based Saint Joseph’s Medical Center following claims that the organization had impermissibly disclosed COVID-19...

How Did This Happen? Understanding the Issue of Third-Party Tracking Tech in Healthcare

by Jill McKeon

In June 2022, journalists discovered that a third of Newsweek’s top 100 hospitals in America had the Meta Pixel installed on their websites, which allegedly sent a packet of data to Facebook whenever a visitor clicked a button to...

Imagine360 Suffers Third-Party Data Breach, 112K Impacted

by Sarai Rodriguez

Imagine360, a Pennsylvania-based provider of self-funded health plan solutions,  alerted over 112,000 individuals about a third-party data breach from January 2023, which occurred on its Citrix...

Cybersecurity Incident at MercyOne Triggers Potential Patient Data Loss

by Sarai Rodriguez

A cybersecurity incident at Iowa's MercyOne Clinton Medical Center leaves around 21,000 patients at risk of protected health information (PHI) exposure and possible data loss. An unauthorized...

2M Individuals Impacted by Healthcare Data Breach at Apria Healthcare

by Sarai Rodriguez

Nearly 2 million patients were notified by Apria Healthcare about a healthcare data breach that dates back to April 2019, during which hackers infiltrated their computer systems and accessed...

Lawsuit Strikes 90 Degree Benefits After 181K-Impacted Data Breach

by Sarai Rodriguez

90 Degree Benefits, a health insurance company, is in hot water as a proposed class-action lawsuit emerges, following a data breach that jeopardized the privacy of more than 181,543 individuals. The...

Ex-Methodist Staff Plead Guilty to Illegal PHI Exposure in HIPAA Violation Case

by Sarai Rodriguez

Six individuals, including five former Methodist Hospital employees, face sentencing for HIPAA violations after pleading guilty to the unauthorized disclosure of personal health information (PHI)...

Maryland Hospital Reveals 30K Individuals Impacted by Ransomware Attack

by Sarai Rodriguez

Atlantic General Hospital has notified 30,704 patients of a ransomware attack that potentially compromised protected health information (PHI), a notice provided to the Maine Attorney General’s...

3 Latest Email Security Breaches Impact PHI

by Jill McKeon

Email security breaches continue to lead to compromised protected health information (PHI) and widespread breach notifications, as exemplified by the three recently-reported breaches detailed...

How to Properly Dispose of Electronic PHI Under HIPAA

by Jill McKeon

Improper disposal of protected health information (PHI), whether a paper record or a digital file, can result in HIPAA violations and significant fees. For example, in 2020, the New Jersey Division of Consumer Affairs and the New Jersey...

GA Health System Reports Healthcare Data Breach

by Sarai Rodriguez

Georgia-based Emory Healthcare reported a healthcare data breach that impacted more than 1,000 individuals and potentially exposed protected health information (PHI). Through a notice from the United...

Healthcare Cybersecurity Measures Must Go Beyond Perimeter Security

by Sarai Rodriguez

An uptick in cyberattacks across critical infrastructure organizations is causing organization leaders to bolster their security postures, going beyond basic perimeter security. Healthcare...

OCR Settles Potential HIPAA Violation After Dental Practice Discloses PHI on Yelp

by Jill McKeon

The HHS Office for Civil Rights (OCR) reached a settlement with California-based New Vision Dental (NVD), over a potential HIPAA violation. The practice paid OCR $23,000 and agreed to implement a...

5 Former Methodist Hospital Employees Indicted Over HIPAA Violations

by Jill McKeon

Five former employees of Tennessee-based Methodist Hospital have been indicted by a federal grand jury for committing HIPAA violations, the US Attorney’s Office for the Western District of...

Lurie Children’s Hospital Resolves Healthcare Data Breach Lawsuit

by Jill McKeon

Chicago-based Lurie Children’s Hospital settled a data breach lawsuit outside of court relating to a security incident that began in 2018. The hospital agreed to implement additional security...

NM Radiology Practice Health Data Breach Results in PHI Exposure

by Sarai Rodriguez

Radiology Associates of Albuquerque, also known as RAA Imaging, informed an undisclosed number of patients of a health data breach involving protected health information (PHI) exposure. The breach...

VA Senator Expresses Health Data Privacy Concerns in Letter to Meta

by Jill McKeon

Senator Mark R. Warner (D-VA) expressed significant health data privacy concerns surrounding the Meta pixel tracking tool in a letter to Meta CEO Mark Zuckerberg. As previously reported, the tool has...

Doctor Pleads Guilty to HIPAA Violation, Wrongful Disclosure of PHI

by Jill McKeon

Former physician Frank Alario, 65, admitted to a HIPAA violation in which he conspired to wrongfully disclose patients’ protected health information (PHI) to a pharmaceutical sales...

Data Security Incident Exposes PHI For Over 1K Zomo Health Members

by Sarai Rodriguez

Healthcare software company Zomo Health disclosed a data security incident to HHS that involved the protected health information (PHI) of 1,359 individuals accidentally being exposed. According...