Healthcare Information Security

Healthcare Phishing

Potential PHI Exposure at BJC HealthCare Impacts 33K

March 15, 2018 - An internal security scan revealed that there was a data server configuration error, allowing potential PHI exposure at BJC HealthCare. The Missouri-based organization revealed in an online statement that 33,420 patients may have had their information made publicly accessible through the internet. Identifying documents were accessible without the appropriate security controls from May 9, 2017,...

More Articles

Reported Kansas PHI Data Breach Could Involve Info of 11K

by Elizabeth Snell

An unauthorized email from a Kansas Department for Aging and Disability Services (KDADS) employee was sent to a group of business associates, which created a possible PHI data breach, according to a KDADS online statement. KDADS became aware...

Weak Healthcare Cybersecurity Employee Training Affects IT Security

by Elizabeth Snell

Covered entities must ensure that staff members at all levels receive regular and comprehensive healthcare cybersecurity employee training. This is a HIPAA requirement but is also critical to keeping the workforce up to date on evolving IT security...

OCR Highlights 8 Tips for Avoiding Healthcare Phishing Attacks

by Elizabeth Snell

Healthcare phishing attacks are becoming more sophisticated, which is why organizations must remain vigilant in their detection measures, OCR explained in its recent cybersecurity newsletter. Hackers can take advantage of popular holidays to...

Decatur County General EMR Security Incident Impacts 24K

by Elizabeth Snell

Tennessee-based Decatur County General Hospital experienced an EMR security incident when unauthorized software was installed on the server the EMR vendor supports on the organization’s behalf. Decatur County received a security incident...

78% of Healthcare Workers Lack Data Privacy, Security Preparedness

by Elizabeth Snell

Improved data privacy and security employee training programs will greatly benefit healthcare organizations as they work to keep pace against evolving cybersecurity threats, according to recent research. Seventy percent of employees in numerous...

Prevent Healthcare Phishing with Employee Security Training

by Elizabeth Snell

Implementing a strong employee security training program is consistently noted as a key way for covered entities to prevent healthcare phishing attacks. Organizations of all sizes need to ensure that staff members can recognize malicious emails...

Remaining Vigilant Against Increasing Healthcare Ransomware Threats

by Elizabeth Snell

Healthcare ransomware attacks increased by 89 percent from 2016 to 2017, according to recent research from Cryptonite. Furthermore, one-quarter of all IT/hacking events reported to OCR in 2017 were attributed to ransomware incidents. Gathering...

Ransomware Attack Raises Health Data Security Worry for 2.6K

by Elizabeth Snell

Columbus, Nebraska-based Eye Physicians, P.C. experienced a ransomware attack on October 7, 2017 that encrypted files on some of its servers. The organization was able to immediately restore servers through a backup, it explained in an online...

Unauthorized Server Access Creates Data Security Concern for 47K

by Elizabeth Snell

Carl Albert State College (CASC) is re-notifying certain individuals of unauthorized server access from 2016 that may create data security concerns. CASC explained in an online statement that the server was accessed on April 7, 2016. It...

Healthcare Phishing, Computer Viruses Top Cyber Attack Methods

by Elizabeth Snell

Healthcare organizations should consider increasing their cybersecurity measures as 83 percent of physicians report they have experienced a cybersecurity attack, according to research from Accenture and the American Medical Association (AMA)....

78% of Providers Report Healthcare Ransomware, Malware Attacks

by Elizabeth Snell

Email is the most likely cause for a data breach, according to recent research, with 78 percent of providers reporting that they experienced a healthcare ransomware or malware attack in the past 12 months. Eighty-seven percent of respondents...

Henry Ford Health System PHI Data Breach Affects 18K

by Elizabeth Snell

Henry Ford Health System experienced a PHI data breach after an unauthorized individual gained access to or stole a group of employees’ email accounts, according to an online statement from the organization. Henry Ford said it is notifying...

How an Ohio Hospital Avoided a Widespread Ransomware Attack

by Elizabeth Snell

Having the necessary and applicable data security tools in place, along with comprehensive employee education, are critical for ransomware attack prevention measures. Organizations of all sizes need to be aware of the potential threats and be...

NH-ISAC Calls for Improved Healthcare Email Security Practices

by Elizabeth Snell

Nearly all top healthcare providers – 98 percent – have not implemented Domain-based Message Authentication, Reporting & Conformance (DMARC), which could lead to healthcare email security issues, according to a recent survey....

PHI of 9.5K Possibly Compromised in WI Healthcare Phishing Attack

by Elizabeth Snell

The Medical College of Wisconsin (MCW) announced that it suffered a healthcare phishing attack and that certain PHI may have been affected as it was in the accessed employee email accounts. An investigation and manual document review showed that...

16K Patients Notified Following Phishing Scam in MD Facility

by Elizabeth Snell

Maryland-based Chase Brexton Health Care reported that “a number of” its employees fell for a phishing scam between August 2, 2017 and August 3, 2017. Employees received a “bogus” survey via email, which once completed,...

Arkansas Facility Ransomware Attack Potentially Affects 128K

by Elizabeth Snell

Arkansas Oral & Facial Surgery Center recently announced on its website that it experienced a ransomware attack on its computer network on July 26, 2017. An investigation determined that the ransomware had been installed either earlier that...

Neurology Foundation Unauthorized PHI Access Could Affect 12K

by Elizabeth Snell

Rhode Island-based The Neurology Foundation, Inc. (Foundation) recently announced that an employee had been making unauthorized PHI access. The employee had been using a company credit card to make unauthorized purchases, but it was discovered...

Top 3 Health Data Breaches Impact Nearly 1.5M Individuals

by Elizabeth Snell

Hacking and IT security issues, including phishing scams and ransomware attacks, are still the leading causes for the largest health data breaches in 2017, according to data from OCR. The three largest incidents thus far – two of which...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks