Healthcare Information Security

Healthcare Data Security

Ransomware Attack Impacts 16,000 Patients in Georgia

December 14, 2018 - A ransomware attack on specialist Mind and Motion Developmental Centers of Georgia potentially breached the data of about 16,000 patients. Officials discovered a ransomware attack infected a company server on September 30, a Sunday. The server contained a trove of patient data including names, birthdates, medical histories, gender, Social Security numbers, diagnoses, insurance details...


More Articles

AI, IoT, Medical Devices Top Health Cybersecurity Predictions for 2019

by Jessica Davis

Cybersecurity continued to be a struggle for many in the healthcare sector this year, with several massive breaches, successful targeted phishing campaigns, and security events caused by human error. While providers struggled with the...

Email Error, Lack of Encryption Breaches Nebraska Patient Data

by Jessica Davis

Fremont, Nebraska-based Prairie Fields Family Medicine is notifying 6,450 patients that their patient data was potentially breached due to an emailing error. An employee inadvertently sent an unencrypted spreadsheet to the wrong email...

DOJ Indicts SamSam Hackers Behind Targeted Ransomware Attacks

by Jessica Davis

The Department of Justice indicted two Iranian hackers behind the targeted and highly successful SamSam ransomware campaign that has plagued the healthcare sector for several years. The federal prosecutors charged Mohammad Mehdi Shah...

2.65M Atrium Health Patient Records Breached in Third-Party Vendor Hack

by Jessica Davis

The data of more than 2.65 million Atrium Health patients was breached for a week-long period, due to a cyberattack on the health system’s billing vendor AccuDoc Solutions in September. The North Carolina billing vendor prepares...

Arizona MCOs Fail OIG Security Audit, Putting Medicaid Data at Risk

by Jessica Davis

A Department of Health and Human Service Office of Inspector General audit of two Arizona Managed Care Organizations found significant, security vulnerabilities in its information systems, which call into question the integrity of the...

Weekend Ransomware Attack Interrupts Care at 2 Ohio Hospitals

by Jessica Davis

Patients needing emergency care were diverted away from East Ohio Regional Hospital and Ohio Valley Medical Center over the weekend due to a ransomware attack. Officials confirmed the attack began on Friday night and continued into...

HealthEquity Email Hack Breaches Data of 190K Patients

by Jessica Davis

An email hack on two employee email accounts potentially breached the personal data of 190,000 HealthEquity customers. HealthEquity provides health savings accounts and similar services to more than 3.4 million individuals. This is the...

Phishing Attack Impacts Health Data of 128K Employees, Patients

by Jessica Davis

New York Oncology Hematology is notifying 128,400 employees and patients that their patient data may have been breached, after 15 employees fell victim to a phishing campaign in April. The phishing emails were highly targeted, appearing...

AMIA Calls for Federal Alignment of Health Data Privacy Policies

by Jessica Davis

The American Medical Informatics Association is calling on the Trump Administration to better align data privacy policies from both the health and consumer sectors. In a letter to the National Telecommunications and Information...

Healthcare’s Dependence on Fax Machines Poses Risk to Health Data

by Jessica Davis

While the healthcare sector has some of the most advanced technology available, it’s oft perplexing to discover that about 75 percent of all healthcare communications are still processed by the antiquated fax machine. Security...

Health Data Breach Compromised PHI on 566K CNO Customers

by Fred Donovan

CNO Financial Group reported to OCR on Oct. 25 that a breach compromised PHI on 566,217 individuals. CNO Financial Group’s largest unit, Bankers’ Life, issued a statement describing the breach. The group discovered...

NJ Fines Vendor Behind Virtua Healthcare Data Breach $200K

by Fred Donovan

New Jersey is slapping a $200,000 fine on a defunct Georgia-based medical transcription company that caused the Virtua Medical Group breach impacting more than 1,650 individuals in 2016. The $200,000 fine includes $191,492.00 in civil...

Ransomware Attack at Iowa Eye Clinic Puts PHI of 40K at Risk

by Fred Donovan

Iowa-based Jones Eye Clinic suffered a ransomware attack that may have compromised personal data on 40,000 patients, the Sioux City Journal reported Oct. 24. Information that might have been exposed included patient full name, address,...

HHS Opens Healthcare Cybersecurity Center To Aid Private Sector

by Fred Donovan

HHS has opened its Health Sector Cybersecurity Coordination Center (HC3), which will be a healthcare cybersecurity threat analysis and incident response partner to the private sector. HC3 replaces the Healthcare Cybersecurity and...

HHS OIG Probes Healthcare.gov Portal Data Breach Affecting 75K

by Fred Donovan

HHS OIG is investigating the Healthcare.gov portal data breach that put personal information on 75,000 individuals at risk. So far, the office has determined that no PHI, banking, or tax information was exposed during the breach,...

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

by Fred Donovan

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM. The healthcare industry was second only to the...

Healthcare Organizations Struggle with Vendor IT Security Risks

by Fred Donovan

BOSTON – Healthcare organizations have a range of approaches for assessing and managing the IT security risks posed by third-party vendors, one of the biggest sources of frustration for security teams. St. Luke’s Health System...

SRA Tool 3.0 Expands Application to More Health Data Security Risks

by Fred Donovan

OCR and ONC have updated their security risk assessment (SRA) tool (3.0) to improve usability and expand its application to a broader range of health data security risks. The agencies developed the tool to help small to medium-sized...

Risk Posed By 3rd-Party Services Is Big Healthcare Security Worry

by Fred Donovan

BOSTON—Security risks posed by integration of third-party patient services will be an ongoing healthcare security concern for organizations, commented Johns Hopkins University and Medicine CISO Darren Lacey during a panel...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...