Healthcare Information Security

Patient Privacy

Health Data of 974,000 UW Medicine Patients Exposed for 3 Weeks

February 21, 2019 - The University of Washington Medicine is notifying about 974,000 individuals that some of their patient data was left exposed on the internet for three weeks due to a misconfigured server. The breach was discovered on December 26, when a patient conducted a Google search of their name and found a file containing their data. The patient notified UW Medicine. An investigation determined...

More Articles

2.7M Medical Calls, Sensitive Audio Exposed Online for 6 Years

by Jessica Davis

A 1177 Swedish Healthcare Guide Service server used to store the phone calls made to the service for healthcare information was left unencrypted and exposed online with no user authentication requirement, according to IDG Computer...

Blue Shield, AltaMed Patient Data Breached in Business Associate Hack

by Jessica Davis

Sharecare Health Data Services (SHDS) recently notified AltaMed Health Services and California Physicians Service (dba Blue Shield of California) of a network hack that potentially breached the data of thousands of their...

Government Report Finds China Could Use Medical Data for Blackmail

by Jessica Davis

China has been rapidly increasing its investment in the US biotechnology sector in recent years, which has potentially given them access to genetic, private, and medical data that could pose a security risk, according to a new report from...

42,000 AdventHealth Patients Impacted in Yearlong Data Breach

by Jessica Davis

About 42,000 AdventHealth Medical Group Pulmonary and Sleep Medicine patients are being notified that their personal and health data was breached for more than a year due to a hack of the Florida provider’s systems. On December...

United Hospital District Reports June 2018 Breach from Phishing Attack

by Jessica Davis

Minnesota-based United Hospital District is notifying 2,143 patients that their data was compromised during a June 2018 phishing attack. According to officials, the breach occurred for about two weeks from June 10 and June 27, 2018. The...

15 Million Patient Records Breached in 2018; Hacking, Phishing Surges

by Jessica Davis

Fifteen million patient records were breached during 503 healthcare data breaches in 2018, nearly triple the amount of reported incidents from the previous year, according to the Protenus 2019 Breach Barometer. Protenus analyzed the...

Blockchain Vendors Team with MDW on Medical Imaging Security

by Jessica Davis

Radiology blockchain marketplace Medical Diagnostic Web is partnering with two blockchain vendors, Bitfury and Longenesis, to build a new platform designed to maintain, share, and secure medical imaging data, the companies announced at...

Hackers Attempt to Extort Ontario Healthcare Provider CarePartners

by Jessica Davis

CarePartners experienced a data breach in 2018, and now the hackers are attempting to extort the Ontario-based provider for 5 bitcoins, or about $18,000, to prevent the public release of employee and patient files, according to...

24,000 Patient Records Breached in EyeSouth Partners Email Hack

by Jessica Davis

Georgia-based EyeSouth Partners recently began notifying 24,113 patients that their protected health information was potentially compromised after an employee email hack. On October 25, officials discovered an individual gained...

Aetna Reaches Settlement with California Over 2017 Privacy Breach

by Jessica Davis

Aetna will pay California $935,000 for its 2017 privacy breach, stemming from a mailing error that inadvertently revealed the HIV-related information of 1,991 Californians and 12,000 total patients by the envelope’s clear...

Phishing Hack Breaches PHI of 23,000 Colorado Patients for 3 Months

by Jessica Davis

Colorado-based Critical Care, Pulmonary & Sleep Associates recently notified 23,000 patients that their personal data was potentially breached during a phishing attack. On November 23, CCPSA officials discovered a hacker gained access...

Phishing Attack on Verity Health Breaches Patient Data

by Jessica Davis

Verity Health System and Verity Medical Foundation are notifying patients that their data was potentially breached by two separate phishing attacks. According to officials, one cyberattack occurred in November and the other in...

Valley Hope Association Email Hack Breaches Patient Data

by Jessica Davis

Kansas-based Valley Hope Association recently began notifying patients that their data was potentially breached during an email hack. VHA is a drug and alcohol addiction treatment organization with 16 facilities in seven states. Officials...

Months-Long Phishing Attack on Rehab Center Breaches Patient Data

by Jessica Davis

Memphis-based Sacred Heart Rehabilitation Center recently began notifying patients that their personal data was potentially breached due to a phishing attack. Officials discovered the hacker gained access to an employee email account...

Judge Gives Boston Children’s Hospital Hacker 10-Year Jail Sentence

by Jessica Davis

The hacker behind the notorious 2014 cyberattack on Boston Children’s hospital and another facility has been sentenced to 10 years in prison. In August 2018, Martin Gottesfeld was found guilty of launching the attack on behalf of...

Blue Cross Blue Shield of Michigan Breach Impacts 15,000 Customers

by Jessica Davis

Blue Cross Blue Shield of Michigan is notifying 15,000 customers that their data was potentially breached due to a stolen laptop. According to the notice, the stolen laptop belonged to a business associate of one of its subsidiaries. An...

NIST Risk Management Framework Update Addresses Privacy, Security

by Jessica Davis

The National Institute of Standards and Technology released the final version of its Risk Management Framework (RMF), addressing both privacy and security concerns around IT risk management. All federal agencies are required to follow the...

Blockchain, HIPAA Regulation Lead Top 10 Stories of 2018

by Jessica Davis

Throughout the year, healthcare privacy, security and cybersecurity have a remained a crucial part of boardroom discussions, determining how best to proceed in an ever-evolving threat landscape. Those conversations will continue to...

DHS Finds Encryption Vulnerabilities in Medtronic Programmers

by Jessica Davis

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team discovered encryption vulnerabilities in Medtronic’s 9790 and 2090 CareLink Programmers and 29901 Encore Programmers that could...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...