Healthcare Information Security

Healthcare Data Breaches

SSNs, Tax Data Exposed in Healthcare.gov Health Data Breach

November 12, 2018 - Partial Social Security numbers (SSNs), immigration status, and tax information might have been stolen as a result of the health data breach on the Healthcare.gov portal last month. In October, CMS admitted to a breach of Healthcare.gov’s Direct Enrollment pathway, which enables agents and brokers to complete consumer applications for coverage by the federal healthcare...


More Articles

Health Data Breach Compromised PHI on 566K CNO Customers

by Fred Donovan

CNO Financial Group reported to OCR on Oct. 25 that a breach compromised PHI on 566,217 individuals. CNO Financial Group’s largest unit, Bankers’ Life, issued a statement describing the breach. The group discovered...

4.4M Records Exposed in 117 Health Data Breaches in Q3 2018

by Fred Donovan

A total of 4.4 million patient records were compromised in 117 health data breaches in the third quarter of 2018, according to the latest Protenus Breach Barometer. These figures compare with 3.15 million records compromised in 142 health...

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

by Fred Donovan

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM. The healthcare industry was second only to the...

ERS Online Coding Error Exposes 1.25M Users to Health Data Breach

by Fred Donovan

The Employee Retirement System (ERS) of Texas reported to OCR on Oct. 15 that information on potentially 1.25 million people may have been exposed in a health data breach. In a statement on its website, ERS explained that a coding error...

Health Data Breach on Healthcare.gov Portal Affects 75K People

by Fred Donovan

Personal information of around 75,000 individuals is at risk from a health data breach that affected a Healthcare.gov portal for agents and brokers, CMS announced Oct. 19. The breached portal, called the Direct Enrollment pathway, allows...

Mistakes, Not Hacks, Make Up Bulk of Medicaid Data Breaches

by Fred Donovan

Most of the Medicaid data breaches that state agencies and their contractors reported in 2016 disclosed information about a single individual and often resulted from misdirected letters or faxes, according to a report released last week by...

PHI on 37K at Risk in Gold Coast Health Plan Phishing Attack

by Fred Donovan

California-based Gold Coast Health Plan (GCHP) reported to OCR Oct. 5 that a phishing attack exposed PHI on 37,005 individuals. In a Oct. 8 news release, GCHP said that attackers compromised an employee’s email account,...

Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

by Fred Donovan

Anthem has agreed to pay a record $16 million, almost three times the previous highest HIPAA penalty, and to take correct actions to settle HIPAA violations that exposed the ePHI of close to 79 million people, OCR announced Oct....

Michigan Medicine Reports 2nd Healthcare Data Breach This Year

by Fred Donovan

The University of Michigan’s Michigan Medicine reported to OCR on Sept. 28 that there was an unauthorized access/disclosure of paper records that affected 3,624 individuals. In a press release, Michigan Medicine said that there was...

California Court Denies Motion to Dismiss Health Data Breach Suit

by Fred Donovan

The California Superior Court has denied a motion to dismiss a class action lawsuit against A.J. Boggs & Company for a health data breach that exposed confidential medical records of 93 individuals with HIV, Lambda Legal, who is...

Hacker Steals 124 PHI-Laden Emails in Aspire Phishing Attack

by Fred Donovan

Aspire Health, a Nashville-based in-home healthcare provider, suffered a phishing attack on Sept. 3 in which a hacker gained access to its internal email system earlier this month, according to court documents cited by...

MGH Study Finds Major Increase in US Healthcare Data Breaches

by Fred Donovan

Since 2010, the total number of healthcare data breaches has increased steadily every year — except in 2015 — from 199 in 2010 to 344 in 2017, according to an analysis of US health care data conducted by two Massachusetts...

UMass Memorial to Pay $230,000 for Healthcare Data Breaches

by Fred Donovan

UMass Memorial healthcare entities have agreed to pay $230,000 to the state of Massachusetts to resolve claims that two separate healthcare data breaches exposed PHI of more than 15,000 state residents. The lawsuit by the Massachusetts...

Independence Blue Cross Admits to Healthcare Data Breach

by Fred Donovan

Philadelphia-based Independence Blue Cross (IBC) announced Sept. 17 that PHI was uploaded by an employee to a website that was publicly accessible between April 23 and July 20, 2018. KYW news radio reported that around 17,000 IBC...

Vendor Blamed for Health Data Breach Exposing 1,500 BCBSRI Members

by Fred Donovan

Blue Cross and Blue Shield of Rhode Island (BCBSRI) said that a health data breach of PHI affecting 1,567 people was caused by a vendor responsible for sending benefits explanations to members, the Providence Journal reported. The...

Reliable Respiratory Says Phishing Attack Affected 21K Individuals

by Fred Donovan

Massachusetts-based medical equipment supplier Reliable Respiratory reported to OCR on Sept. 1 that a phishing attack exposed PHI on 21,311 individuals. In a notice on its website, Reliable Respiratory said that on July 3 it discovered a...

Premera Accused of Trashing Computer in Health Data Breach Lawsuit

by Fred Donovan

Premera Blue Cross is being accused of destroying a key piece of evidence in the class-action lawsuit against the health insurer over a health data breach that compromised PHI on 11 million people. Lawyers for the breach victims filed a...

PHI Data, My Friend, Is Blowin’ in the New Mexico Wind

by Fred Donovan

Medical records containing PHI data of patients from Turquoise Lodge Hospital were found blowing around the streets of Albuquerque, New Mexico, TV station KRQE reported Sept. 1. The medical records were being transported to a secure...

PHI on 20K Children Exposed in WellCare Healthcare Data Breach

by Fred Donovan

PHI on close to 20K children was exposed in a healthcare data breach when WellCare Health Plans, which administers the Missouri Medicaid plan, sent letters to the wrong addresses, the Kansas City Star reported Aug. 29. The company said...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...