Healthcare Information Security

Data Breaches

Americans Fret About Loss of Control Over Personal Information

August 21, 2018 - Americans are concerned about loss of control over their personal information, according to a survey conducted by the US Census Bureau. Virtually the same number of households identified loss of control over personal data as a major concern in the Census Bureau's 2017 survey (21 percent) versus one conducted in 2015 (22 percent), according to an NTIA analysis released on August 20....


More Articles

3.15M Records Exposed by 142 Healthcare Data Breaches in Q2 2018

by Fred Donovan

In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to the Protenus Breach Barometer. A discouraging 30 percent of privacy violations involved repeat offenders,...

301K Patients Involved in St. Mary’s Paper Records Data Breach

by Fred Donovan

SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St....

Healthcare Data Breach Costs Remain Highest Among Industries

by Fred Donovan

In their 2018 Cost of a Data Breach Report, IBM and the Ponemon Institute found that healthcare data breach costs average $408 per record, the highest of any industry for the eighth straight year and nearly three times higher than the...

Children’s Mercy Faces Lawsuit Over Healthcare Data Breach

by Fred Donovan

A class action lawsuit was filed this week against Kansas City, Missouri-based Children’s Mercy Hospital in response to a healthcare data breach that affected more than 60,000 individuals earlier this year, the Kansas City Star...

Employee Fired for HIPAA Violation Gets Personal Data from Agency

by Fred Donovan

Tracy Ryans, a former employee of the Texas Health and Human Services Commission fired for an alleged HIPAA violation, recently received a box full of state assistance applications chock full of personal information from her former...

Healthcare Data Breaches Now Covered by Arizona Law

by Fred Donovan

Arizona is now including healthcare data breaches in its data breach notification law. Under legislation introduced in January and signed into law by Arizona Governor Doug Ducey earlier this month, information about an individual's...

Applying Inogen Data Breach Lessons to Healthcare Providers

by Fred Donovan

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get...

Integrated Rehab Consultants Admits to 2016 Healthcare Data Breach

by Fred Donovan

Chicago-based Integrated Rehab Consultants is just now admitting to a healthcare data breach that it knew about back in 2016.  In December 2016, IRC received a tip from a healthcare researcher about patient data posted on a public...

Virtua To Pay NJ $418,000 for HIPAA Violation

by Fred Donovan

Virtua Medical Group has agreed to pay a $418,000 fine and to beef up its data security in a settlement with the New Jersey government over allegations that it failed to protect patient data of more than 1,650 individuals, resulting in...

HIPAA Covered Entities Get Pass on OR Data Breach Notification Law

by Fred Donovan

HIPAA covered entities in Oregon are exempt from a new requirement that organizations in the state report data breaches within 45 days of discovery. Oregon Governor Kate Brown signed into law at the end of March amendments (Senate Bill...

Colorado Data Privacy Law Updated, Includes Medical Information

by Elizabeth Snell

Bipartisan legislation aiming to improve current data privacy laws was recently introduced in Colorado. The bill would require entities implement “reasonable security procedures” to protect consumers’ personal information...

Proposals Made for Improved State Data Breach Laws

by Elizabeth Snell

The large-scale Equifax data breach has pushed some states into creating more stringent state data breach laws, looking to close gaps in how sensitive consumer information is protected. The Vermont House Committee on Commerce and Economic...

Researchers Question Previous Health Data Breach Study

by Elizabeth Snell

Claiming that larger healthcare facilities have a higher risk of experiencing a health data breach “neglects inherent biases in data collection and reporting practices,” according to a letter published in the Journal of the...

PHI of 13K Involved in Ransomware Attack at PA Health Clinic

by Kate Monica

On April 24, 2017, Family Tree Health Clinic discovered a ransomware attack potentially affecting PHI stored in its IT system, according to an online statement. The Pennsylvania health clinic immediately restored its system data using...

Unauthorized PHI Access at Coney Island Hospital Impacts 3.4K

by Kate Monica

On March 10, 2017, NYC Health + Hospitals at Coney Island discovered that it had suffered unauthorized PHI access occurring over the course of three months from December 2016 to March 2017. The incident involved a volunteer working in the...

Texas Hospital Email Hack Exposes PHI of over 8K Patients

by Kate Monica

On February 21, 2017, an unauthorized individual accessed an employee email account containing PHI at Hill Country Memorial Hospital in Fredericksburg, Texas. Hill Country stated the email hack appears to be the result of intentional...

PHI Security of 20K Possibly Affected from RI Laptop Theft

by Kate Monica

On February 25, 2017, Lifespan Corporation suffered a possible healthcare data breach in which an employee’s laptop was stolen. The theft occurred when an individual broke into an employee’s car and stole several items,...

Stolen, Unencrypted Drive Causes Data Security Concern for 15K

by Kate Monica

Western Health Screening (WHS) recently issued a letter notifying individuals of a possible data security breach in which a WHS-owned vehicle containing an unencrypted jump drive was stolen. The jump drive contained the personal...

Kentucky Health Center Ensures PHI Security After Email Gaffe

by Kate Monica

On February 3, 2017, Women’s Care of Somerset (WCS) employees erroneously disclosed the email addresses of all recipients of an informative email regarding health-related services to the other recipients. According to a written...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...