Healthcare Information Security

Healthcare Data Breaches

Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

October 16, 2018 - Anthem has agreed to pay a record $16 million, almost three times the previous highest HIPAA penalty, and to take correct actions to settle HIPAA violations that exposed the ePHI of close to 79 million people, OCR announced Oct. 15. “The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history,” said OCR Director Roger Severino in...


More Articles

Michigan Medicine Reports 2nd Healthcare Data Breach This Year

by Fred Donovan

The University of Michigan’s Michigan Medicine reported to OCR on Sept. 28 that there was an unauthorized access/disclosure of paper records that affected 3,624 individuals. In a press release, Michigan Medicine said that there was...

California Court Denies Motion to Dismiss Health Data Breach Suit

by Fred Donovan

The California Superior Court has denied a motion to dismiss a class action lawsuit against A.J. Boggs & Company for a health data breach that exposed confidential medical records of 93 individuals with HIV, Lambda Legal, who is...

Hacker Steals 124 PHI-Laden Emails in Aspire Phishing Attack

by Fred Donovan

Aspire Health, a Nashville-based in-home healthcare provider, suffered a phishing attack on Sept. 3 in which a hacker gained access to its internal email system earlier this month, according to court documents cited by...

MGH Study Finds Major Increase in US Healthcare Data Breaches

by Fred Donovan

Since 2010, the total number of healthcare data breaches has increased steadily every year — except in 2015 — from 199 in 2010 to 344 in 2017, according to an analysis of US health care data conducted by two Massachusetts...

UMass Memorial to Pay $230,000 for Healthcare Data Breaches

by Fred Donovan

UMass Memorial healthcare entities have agreed to pay $230,000 to the state of Massachusetts to resolve claims that two separate healthcare data breaches exposed PHI of more than 15,000 state residents. The lawsuit by the Massachusetts...

Independence Blue Cross Admits to Healthcare Data Breach

by Fred Donovan

Philadelphia-based Independence Blue Cross (IBC) announced Sept. 17 that PHI was uploaded by an employee to a website that was publicly accessible between April 23 and July 20, 2018. KYW news radio reported that around 17,000 IBC...

Vendor Blamed for Health Data Breach Exposing 1,500 BCBSRI Members

by Fred Donovan

Blue Cross and Blue Shield of Rhode Island (BCBSRI) said that a health data breach of PHI affecting 1,567 people was caused by a vendor responsible for sending benefits explanations to members, the Providence Journal reported. The...

Reliable Respiratory Says Phishing Attack Affected 21K Individuals

by Fred Donovan

Massachusetts-based medical equipment supplier Reliable Respiratory reported to OCR on Sept. 1 that a phishing attack exposed PHI on 21,311 individuals. In a notice on its website, Reliable Respiratory said that on July 3 it discovered a...

Premera Accused of Trashing Computer in Health Data Breach Lawsuit

by Fred Donovan

Premera Blue Cross is being accused of destroying a key piece of evidence in the class-action lawsuit against the health insurer over a health data breach that compromised PHI on 11 million people. Lawyers for the breach victims filed a...

PHI Data, My Friend, Is Blowin’ in the New Mexico Wind

by Fred Donovan

Medical records containing PHI data of patients from Turquoise Lodge Hospital were found blowing around the streets of Albuquerque, New Mexico, TV station KRQE reported Sept. 1. The medical records were being transported to a secure...

PHI on 20K Children Exposed in WellCare Healthcare Data Breach

by Fred Donovan

PHI on close to 20K children was exposed in a healthcare data breach when WellCare Health Plans, which administers the Missouri Medicaid plan, sent letters to the wrong addresses, the Kansas City Star reported Aug. 29. The company said...

HMC Says Ransomware Attack Turned Into Healthcare Data Breach

by Fred Donovan

Health Management Concepts (HMC) recently experienced a ransomware attack that quickly turned into a healthcare data breach. In an Aug. 22 letter, attorneys for HMC informed the New Hampshire Attorney General that it discovered on...

Dermatology Clinics See Rash of Healthcare Data Breaches

by Fred Donovan

A pair of dermatology clinics reported to OCR this month healthcare data breaches that exposed PHI on a total of 5,375 patients. Maryland-based Anne Arundel Dermatology told OCR on August 9 that 1,310 individuals were affected by the...

Firms Lack Cyber Insurance Despite Healthcare Data Breach Costs

by Fred Donovan

Given the proliferation and cost of healthcare data breaches and ransomware attacks, it is surprising that 70 percent of healthcare organizations have no cyber insurance, according to a survey of security executives by Ovum for...

InterAct of Michigan Phishing Attack Exposes PHI on 1,290 People

by Fred Donovan

InterAct of Michigan reported to OCR on August 7 that an email hacking incident may have exposed PHI on 1,290 individuals. In a statement on its website, InterAct explained that it became aware on June 8 that an unauthorized third party...

3.15M Records Exposed by 142 Healthcare Data Breaches in Q2 2018

by Fred Donovan

In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to the Protenus Breach Barometer. A discouraging 30 percent of privacy violations involved repeat offenders,...

301K Patients Involved in St. Mary’s Paper Records Data Breach

by Fred Donovan

SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St....

19K Orlando Orthopaedic Patients At Risk from Lax Vendor Security

by Fred Donovan

Florida-based Orlando Orthopaedic Center reported to OCR on July 20 that 19,101 individuals were affected by lax vendor security, leading to a possible PHI breach. The breach occurred at a transcription service vendor in December,...

Accidents Were Most Frequent Cause of Healthcare Data Breaches

by Fred Donovan

In the second quarter of 2018, the most frequent cause of healthcare data breaches was accidental disclosures, according to incidents reported to the Beazley Breach Response Services team.  Accidental disclosures made up 38 percent...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks