Healthcare Information Security

Healthcare Data Breach

OCR To Share HIPAA Data Breach Settlements With Victims

by Fred Donovan

OCR is proposing to share a percentage of HIPAA data breach settlements with victims, as required by the HITECH law. In the HHS semiannual regulatory agenda, OCR said it is soliciting the public’s view on establishing a methodology...

UnityPoint Allegedly Mishandled Healthcare Data Breach

by Fred Donovan

UnityPoint Health delayed reporting a healthcare data breach, incorrectly told affected patients that their Social Security numbers were not part of the breach, and declined to compensate victims for damage to their credit from the breach,...

1.13M Records Exposed by 110 Healthcare Data Breaches in Q1 2018

by Fred Donovan

Around 1.13 million patient records were compromised in 110 healthcare data breaches in the first quarter of 2018, according to data released May 3 in the Protenus Breach Barometer. Healthcare insiders were most likely to snoop on family...

Scenic Bluffs’ Healthcare Data Breach Could Affect 2,889

by Fred Donovan

Wisconsin-based Scenic Bluffs Community Health Centers said that it experienced a healthcare data breach in which attackers gained access to a staff member’s email and may have stolen information on 2,889 patients, according to a...

Texas Health Says 3,808 Affected by Healthcare Data Breach

by Fred Donovan

Texas Health Physicians Group recently disclosed that an unauthorized third party had gained access to some of its email accounts, resulting in a healthcare data breach that affected close to 4,000 patients. The information that was...

Healthcare Data Breaches Now Covered by Arizona Law

by Fred Donovan

Arizona is now including healthcare data breaches in its data breach notification law. Under legislation introduced in January and signed into law by Arizona Governor Doug Ducey earlier this month, information about an individual's...

Applying Inogen Data Breach Lessons to Healthcare Providers

by Fred Donovan

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get...

Integrated Rehab Consultants Admits to 2016 Healthcare Data Breach

by Fred Donovan

Chicago-based Integrated Rehab Consultants is just now admitting to a healthcare data breach that it knew about back in 2016.  In December 2016, IRC received a tip from a healthcare researcher about patient data posted on a public...

Virtua To Pay NJ $418,000 for HIPAA Violation

by Fred Donovan

Virtua Medical Group has agreed to pay a $418,000 fine and to beef up its data security in a settlement with the New Jersey government over allegations that it failed to protect patient data of more than 1,650 individuals, resulting in...

Survey Finds Lax Patching Practices Feed Healthcare Data Breaches

by Fred Donovan

Patching vulnerabilities in your systems and applications is one of the most important steps you can take to prevent a healthcare data breach at your organization. Yet, a majority of security professionals in the healthcare and...

Preparing for a Potential Healthcare Data Breach Investigation

by Elizabeth Snell

A current and comprehensive risk management plan, including a good auditing process, will be critical for organizations that must deal with a healthcare data breach investigation. Covered entities and business associates will be better...

Healthcare Data Breach Leads to Identity Theft Guilty Plea

by Elizabeth Snell

Robert Ashley Bond of Thackerville, Oklahoma recently pled guilty to charges over his alleged involvement in a 2017 healthcare data breach.  The United States Attorney’s Office for the Eastern District of...

Banner Health Data Breach Part of OCR Investigation

by Elizabeth Snell

The 2016 Banner Health data breach is reportedly being investigated by OCR, although it is currently not possible to estimate the range of potential fines from the agency, according to consolidated financial statements. An Ernst &...

Potential PHI Exposure at BJC HealthCare Impacts 33K

by Elizabeth Snell

An internal security scan revealed that there was a data server configuration error, allowing potential PHI exposure at BJC HealthCare. The Missouri-based organization revealed in an online statement that 33,420 patients may have had...

What the CareFirst Data Breach Decision Means for Healthcare

by Elizabeth Snell

In February 2018, the US Supreme Court denied certiorari in the CareFirst data breach case. CareFirst had requested the Court review the class action lawsuit against it that came from two separate incidents. The first occurred in June...

134K Possibly Affected in St. Peter’s Server Data Breach

by Elizabeth Snell

An unauthorized third party gained access to St. Peter’s Surgery & Endoscopy Center (the Center) servers on January 8, 2018, according to an online statement. The potential data breach was discovered on the same day of the...

EmblemHealth Data Breach Leads to $575K NY State Settlement

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $575,000 settlement had been reached in the EmblemHealth data breach case, following a mailing error incident that exposed 81,122 Social Security numbers. The health plan...

CarePlus Health Reports PHI Data Breach Impacting 11K

by Elizabeth Snell

A series of programming and printing errors resulted in Explanation of Benefits (EOB) letters being sent to the incorrect CarePlus Health Plan members, an organization spokesperson confirmed to HealthITSecurity.com. Approximately 11,200...

36K Notified of Potential Healthcare Data Breach from Mailing Error

by Elizabeth Snell

A mailing error has led to a potential healthcare data breach for Triple-S Advantage (Triple-S) members, according to an online company statement. The Puerto Rico-based organization is an independent licensee of the BlueCross BlueShield...

Business Associate Dismissal Denied in HIPAA Data Breach Case

by Elizabeth Snell

A HIPAA data breach case that stemmed from a business associate disclosing PHI will not be dismissed, according to a US District Court decision. CVS Pharmacy, Inc. and Caremark Rx LLC (CVS) sought reimbursement from its business...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...