Healthcare Information Security

Data Breaches

Hackers Breach Data of 4,300 Missouri Patients for 3 Months

January 3, 2019 - Missouri-based Choice Rehabilitation Center is notifying 4,309 patients that their data was breached in a months-long hack on a corporate email account. On November 7, Choice discovered that one of its email accounts was hacked. According to officials, the cybercriminals forwarded the provider’s emails to their personal account. The account was later deactivated. Choice...


More Articles

Data of 7,000 Tandigm Health Patients Exposed by Site Vulnerability

by Jessica Davis

Philadelphia-based Tandigm Health recently notified about 7,000 patients that their personal data may have been exposed for more than six months, due to a website vulnerability. On Sept. 25, 2018, Tandigm officials discovered a potential...

2.65M Atrium Health Patient Records Breached in Third-Party Vendor Hack

by Jessica Davis

The data of more than 2.65 million Atrium Health patients was breached for a week-long period, due to a cyberattack on the health system’s billing vendor AccuDoc Solutions in September. The North Carolina billing vendor prepares...

Pennsylvania Judge Rules UPMC Must Protect Employee Data

by Jessica Davis

The Pennsylvania Supreme Court ruled last week that the University of Pittsburgh Medical Center is responsible for protecting personal employee data from hackers: The latest in a lengthy class-action lawsuit filed by UPMC employees against...

Americans Fret About Loss of Control Over Personal Information

by Fred Donovan

Americans are concerned about loss of control over their personal information, according to a survey conducted by the US Census Bureau. Virtually the same number of households identified loss of control over personal data as a major...

3.15M Records Exposed by 142 Healthcare Data Breaches in Q2 2018

by Fred Donovan

In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to the Protenus Breach Barometer. A discouraging 30 percent of privacy violations involved repeat offenders,...

301K Patients Involved in St. Mary’s Paper Records Data Breach

by Fred Donovan

SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St....

Healthcare Data Breach Costs Remain Highest Among Industries

by Fred Donovan

In their 2018 Cost of a Data Breach Report, IBM and the Ponemon Institute found that healthcare data breach costs average $408 per record, the highest of any industry for the eighth straight year and nearly three times higher than the...

Children’s Mercy Faces Lawsuit Over Healthcare Data Breach

by Fred Donovan

A class action lawsuit was filed this week against Kansas City, Missouri-based Children’s Mercy Hospital in response to a healthcare data breach that affected more than 60,000 individuals earlier this year, the Kansas City Star...

Employee Fired for HIPAA Violation Gets Personal Data from Agency

by Fred Donovan

Tracy Ryans, a former employee of the Texas Health and Human Services Commission fired for an alleged HIPAA violation, recently received a box full of state assistance applications chock full of personal information from her former...

Healthcare Data Breaches Now Covered by Arizona Law

by Fred Donovan

Arizona is now including healthcare data breaches in its data breach notification law. Under legislation introduced in January and signed into law by Arizona Governor Doug Ducey earlier this month, information about an individual's...

Applying Inogen Data Breach Lessons to Healthcare Providers

by Fred Donovan

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get...

Integrated Rehab Consultants Admits to 2016 Healthcare Data Breach

by Fred Donovan

Chicago-based Integrated Rehab Consultants is just now admitting to a healthcare data breach that it knew about back in 2016.  In December 2016, IRC received a tip from a healthcare researcher about patient data posted on a public...

Virtua To Pay NJ $418,000 for HIPAA Violation

by Fred Donovan

Virtua Medical Group has agreed to pay a $418,000 fine and to beef up its data security in a settlement with the New Jersey government over allegations that it failed to protect patient data of more than 1,650 individuals, resulting in...

HIPAA Covered Entities Get Pass on OR Data Breach Notification Law

by Fred Donovan

HIPAA covered entities in Oregon are exempt from a new requirement that organizations in the state report data breaches within 45 days of discovery. Oregon Governor Kate Brown signed into law at the end of March amendments (Senate Bill...

Colorado Data Privacy Law Updated, Includes Medical Information

by Elizabeth Snell

Bipartisan legislation aiming to improve current data privacy laws was recently introduced in Colorado. The bill would require entities implement “reasonable security procedures” to protect consumers’ personal information...

Proposals Made for Improved State Data Breach Laws

by Elizabeth Snell

The large-scale Equifax data breach has pushed some states into creating more stringent state data breach laws, looking to close gaps in how sensitive consumer information is protected. The Vermont House Committee on Commerce and Economic...

Researchers Question Previous Health Data Breach Study

by Elizabeth Snell

Claiming that larger healthcare facilities have a higher risk of experiencing a health data breach “neglects inherent biases in data collection and reporting practices,” according to a letter published in the Journal of the...

PHI of 13K Involved in Ransomware Attack at PA Health Clinic

by Kate Monica

On April 24, 2017, Family Tree Health Clinic discovered a ransomware attack potentially affecting PHI stored in its IT system, according to an online statement. The Pennsylvania health clinic immediately restored its system data using...

Unauthorized PHI Access at Coney Island Hospital Impacts 3.4K

by Kate Monica

On March 10, 2017, NYC Health + Hospitals at Coney Island discovered that it had suffered unauthorized PHI access occurring over the course of three months from December 2016 to March 2017. The incident involved a volunteer working in the...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...