Patient Privacy

Quest Diagnostics Settles Unlawful PHI Disposal Allegations For $5M

February 21, 2024 - Quest Diagnostics reached a $5 million settlement to resolve allegations that the company illegally disposed of hazardous waste, medical waste, and protected health information (PHI) at its California facilities, California Attorney General Rob Bonta announced. In addition to the $5 million, Quest will be required to make significant changes to its...


More Articles

Senator Calls on FTC, SEC to Crack Down on Location Data Misuse

by Jill McKeon

US Senator Ron Wyden (D-OR) sent a letter to the Federal Trade Commission (FTC) and Securities and Exchange Commission (SEC) chairs urging them to hold a data broker accountable for alleged misleading...

KLAS Highlights Top Security, Privacy Solutions This Year

by Jill McKeon

KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...

Novant Health Reaches $6.6M Settlement Over Improper PHI Disclosures

by Jill McKeon

Novant Health agreed to pay $6.6 million to settle a class action lawsuit surrounding improper disclosures of protected health information (PHI) due to the health system’s use of third-party...

Lawmakers Push For Increased Patient Privacy Regarding Prescription Records

by Jill McKeon

Lawmakers have urged HHS to consider revising HIPAA to further protect patient privacy after observing routine disclosures of patient information from major pharmacy chains to law enforcement agencies...

Joint Commission Launches Certification Program For Responsible Health Data Use

by Jill McKeon

The Joint Commission has launched the Responsible Use of Health Data (RUHD) Certification program, a voluntary program aimed at providing hospitals, patients, and other key stakeholders with an...

23andMe Data Security Event Raises Concerns for Minority Health Data

by Jacqueline LaPointe

Minority groups are at risk following a potential data security event involving 23andMe may have resulted in health-related data and personally identifiable information (PII) of certain...

OCR Publishes Resources On Telehealth Privacy, Security Risks

by Jill McKeon

The HHS Office for Civil Rights (OCR) unveiled two resource documents to help providers communicate telehealth privacy and security risks to patients. The documents, entitled “Educating Patients...

Colorado AG Reaches Settlement With Skilled Nursing Center Over Data Breach

by Jill McKeon

Colorado Attorney General Phil Weiser reached a settlement with Broomfield Skilled Nursing and Rehabilitation Center over a 2021 data breach. According to the announcement, Broomfield allegedly failed...

Indiana AG Sues IU Health For Violating Patient Privacy of 10-Year-Old Rape Victim

by Jill McKeon

Indiana Attorney General Todd Rokita filed a lawsuit against the University of Indiana Health (IU Health) and IU Healthcare Associates over their alleged failure to safeguard patient privacy and abide...

KLAS: AI, Market Consolidation Impact Patient Privacy Monitoring Vendor Trends

by Jill McKeon

Patient privacy monitoring solutions help healthcare organizations manage privacy risks and detect unauthorized access to patient data, playing a crucial role in compliance and patient confidentiality....

Senators Seek Answers From Amazon Over Collection of Patient Data

by Jill McKeon

Senators Peter Welch (D-VT) and Elizabeth Warren (D-MA) sent a letter to Amazon President and CEO Andy Jassy expressing concern over the privacy practices of Amazon Clinic, the...

FTC Proposes Settlement With Genetic Testing Company Over Unsecured Health Data

by Jill McKeon

The Federal Trade Commission (FTC) reached a proposed settlement with 1Health.io, a genetic testing company, over its alleged security and privacy failures. The order requires the company to pay...

AHA Urges OCR to Suspend or Amend Online Tracking Guidance

by Jill McKeon

The American Hospital Association (AHA) urged the HHS Office for Civil Rights (OCR) to reconsider its December 2022 Online Tracking Guidance, suggesting that its definition of protected health...

FTC Issues Health Breach Notification Rule Enforcement Action Against Fertility App

by Jill McKeon

The Federal Trade Commission (FTC) alleged that Easy Healthcare Corporation, the company that operates the Premom Ovulation Tracker app, violated the Health Breach Notification Rule by failing to...

HHS Proposes Rule to Strengthen HIPAA Protections For Reproductive Healthcare Data

by Jill McKeon

The HHS Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) with the goal of strengthening HIPAA Privacy Rule protections for those seeking and delivering reproductive...

Insight Global Settles Class Action Lawsuit After Contact Tracing Breach

by Sarai Rodriguez

Insight Global, the contact tracing program administrator hired by the state of Pennsylvania, has reached a proposed settlement to resolve a class-action healthcare data breach lawsuit. The breach,...

Illinois Medical Practice Settles Lawsuit After Data Breach Impacts 228K

by Sarai Rodriguez

Illinois Gastroenterology Group (IGG) has settled a class-action lawsuit for an undisclosed amount after a data breach puts the patient privacy of more than 227,943 individuals at risk. The lawsuit...

Nearly All US Acute Care Hospitals Transfer Data to Third Parties, Study Finds

by Jill McKeon

University of Pennsylvania researchers found third-party tracking technologies on nearly all US nonfederal acute care hospital websites, a Health Affairs study revealed. Researchers studied all US...

Inadequate Healthcare Cybersecurity Maturity Jeopardizes Patient Privacy

by Sarai Rodriguez

The healthcare sector ranks lowest in several cybersecurity maturity domains, according to CYE's first Cybersecurity Maturity Report, which suggests that even organizations that handle highly...