Protected Health Information

Anthem MaineHealth Suffers Third-Party Data Breach, 13K Impacted

by Sarai Rodriguez

Anthem MaineHealth disclosed a third-party data breach to the Maine Attorney General’s Office that impacted 13,406 individuals. On August 5, the company learned that an unauthorized person...

Primary Care Clinic Network Suffers Healthcare Data Breach, 233K Impacted

by Jill McKeon

Texas-based Family Health Centers (FMC), which operates a network of four primary care clinics in Amarillo and Canyon, disclosed a healthcare data breach to HHS. The breach impacted 233,948 individuals...

How BCBS MA Combats DME, Telemedicine Fraud Schemes

by Jill McKeon

Equipped with fragments of personal information available on the internet or the dark web, scammers are increasingly targeting seniors in elaborate telemedicine fraud and durable medical equipment (DME) schemes, Blue Cross Blue Shield of...

OCR Settles Improper PHI Disposal Case, Resolves Potential HIPAA Violation

by Jill McKeon

The HHS Office for Civil Rights (OCR) settled a case with New England Dermatology and Laser Center (NEDLC) to resolve a potential HIPAA violation involving improper protected health information (PHI)...

Novant Health Notifies 1.3M Patients of Unauthorized PHI Disclosure Caused By Meta Pixel

by Jill McKeon

North Carolina-based Novant Health notified 1.3 million patients that the use of Meta pixel code potentially led to unauthorized disclosure of protected health information (PHI). As previously...

Neurology Practice Notifies 363K of Data Breach, PHI Released on Dark Web

by Jill McKeon

Indiana-based neurology practice Goodman Campbell Brain and Spine notified 362,833 individuals of a data breach that occurred in May. With a level of specificity that is uncommon in data breach...

Avamere Health Services Data Breach Impacts 96 Practices, At Least 380K

by Jill McKeon

Avamere Health Services, a group of independently-owned post-acute care companies that provide care for seniors, reported a data breach that impacted 96 practices and at least 380,000...

Stolen iPad Leads to Potential PHI Exposure at Kaiser Permanente

by Jill McKeon

On May 20, an unknown individual broke into a locked storage area at the Kaiser Permanente Los Angeles Medical Center and stole an iPad, which led to potential protected health information (PHI)...

VCU Health Notifies Patients of Transplant Donor, Recipient PHI Data Breach

by Jill McKeon

Transplant donor records were available to transplant recipients at Virginia Commonwealth University Health System (VCU Health) as early as January 2006, the health system informed patients recently....

UPMC Reaches $450K Settlement in Healthcare Data Breach Lawsuit

by Jill McKeon

University of Pittsburgh Medical Center (UPMC) and Charles J. Hilton, PC, (CJH) agreed to a $450,000 settlement to resolve allegations relating to a 2020 healthcare data breach. UPMC had engaged...

Meta Sued For Violating Patient Privacy, Scraping Health Data From Hospitals

by Jill McKeon

In the wake of detailed allegations of patient privacy violations covered in a report co-published by The Markup and STAT, Meta (the parent company of Facebook) is facing a lawsuit over the use of its...

Kaiser Permanente Discloses Data Breach at WA Health Plan, 69K Impacted

by Jill McKeon

Kaiser Permanente notified 69,589 individuals of a data breach that occurred at the Kaiser Foundation Health Plan of Washington. According to a notice on its website, Kaiser Permanente discovered on...

Employee Email Warnings Reduce EHR Snooping, Unauthorized PHI Access

by Jill McKeon

Only 2 percent of healthcare employees who received an email warning after committing unauthorized protected health information (PHI) access carried out the same offense again, a research letter...

PHI Potentially Accessed in Ballad Health Email Data Breach

by Jill McKeon

Ballad Health, a 21-hospital health system headquartered in Tennessee, disclosed a healthcare data breach that potentially led to protected health information (PHI) exposure. On January 13, Ballad...

Phishing Attacks, Email Security Incidents Hit 3 Healthcare Orgs

by Jill McKeon

Three healthcare organizations recently began notifying patients of separate email security incidents that potentially exposed protected health information (PHI). Charleston Area Medical Center...

Law Enforcement Health Benefits Plan Ransomware Attack Impacts 85K

by Jill McKeon

Law Enforcement Health Benefits Inc. (LEHB) began notifying plan members of a September 2021 ransomware attack that impacted over 85,000 individuals. Threat actors infiltrated LEHB’s network on...

NJ Dialysis Center, Neurosurgery Practice Both Face Cyberattacks

by Jill McKeon

Two New Jersey-based healthcare organizations fell victim to separate cyberattacks that potentially resulted in protected health information (PHI) exposure. In 2021, Critical Insight observed a...

CO Hospital Suffers Email Data Breach, 52K Impacted

by Jill McKeon

Colorado hospital Montrose Regional Health fell victim to an email data breach that went undetected from August to October 2021 and impacted 52,632 individuals. In a notice on its website, Montrose...

Duncan Regional Hospital Data Breach Impacts 92K

by Jill McKeon

Oklahoma-based Duncan Regional Hospital (DRH) suffered a data breach in January 2022 that impacted over 92,000 individuals, according to the Maine Attorney General’s Office. The not-for-profit...