Protected Health Information

BD Discloses Viper, Pyxis Medical Device Vulnerabilities

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA) issued two advisories concerning medical device vulnerabilities in some Becton, Dickinson and Company (BD) products. If exploited, the...

Houston Health Department Suffers Healthcare Data Breach

by Jill McKeon

The Houston Health Department suffered a data breach on its COVID-19 test results portal. Approximately 3,500 portal users may have had access to 10,000 COVID-19 test results. The results included the...

Jackson Hospital Suffers Patient Data Exfiltration Incident

by Jill McKeon

Data exfiltration and improper protected health information (PHI) access were the cause of some recent healthcare data breaches. As data breaches continue to overwhelm the healthcare sector,...

Sea Mar Community Health Centers Faces Lawsuit Over Data Breach

by Jill McKeon

Seattle-based Sea Mar Community Health Centers (SMCHC) is facing a class-action lawsuit over its handling of a 2021 data breach that impacted 688,000 individuals. The lawsuit alleged that SMCHC was...

HIPAA Technical Safeguards: A Basic Review

by Editorial Staff

While no healthcare organization can eliminate the possibility of facing a data breach, implementing HIPAA technical safeguards can go a long way toward mitigating cyber risk. Under the HIPAA Security...

Malware, Employee Email Breaches Result in PHI Exposure

by Jill McKeon

One look at the Office for Civil Rights (OCR) data breach portal shows that hospitals, nonprofits, and small community health centers continue to face healthcare data breaches. Hundreds of thousands...

CaptureRx to Consider Filing For Bankruptcy if $4.75M Settlement Not Approved

by Jill McKeon

CaptureRx CEO Chris Hotchkiss said the company would “strongly consider” filing for bankruptcy if a $4.75 million settlement to resolve multiple class-action lawsuits resulting from a 2021...

Illinois Hospital, FQHC Suffer Healthcare Data Breaches, PHI Exposure

by Jill McKeon

This week, two Illinois healthcare organizations began notifying patients of separate healthcare data breaches that caused protected health information (PHI) exposure. South Shore Hospital in Chicago...

Legislators Introduce Bill to Modernize HIPAA, Health Data Privacy Laws

by Jill McKeon

US Senators Tammy Baldwin (D-WI) and Bill Cassidy (R-LA) introduced the Health Data Use and Privacy Commission Act intending to modernize health data privacy laws to reflect the current tech landscape....

KY Hospital Systems Down During Cybersecurity Incident Investigation

by Jill McKeon

Healthcare organizations notified victims of data breaches resulting from cyberattacks, server misconfigurations, and burglaries this week. As a result, the protected health information (PHI) of many...

West Virginia-Based Monongalia Health System Suffers Phishing Attack

by Jill McKeon

West Virginia-based Monongalia Health System (Mon Health), along with its affiliated hospitals Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company announced that...

Former NY Hospital Employee Charged with HIPAA Violation

by Jill McKeon

New York-based Huntington Hospital began notifying 13,000 patients of a data breach that exposed protected health information (PHI) and resulted in a former employee being charged with a HIPAA...

Patients File Lawsuits in Wake of Healthcare Data Breaches

by Jill McKeon

Healthcare data breaches may result in the exposure of protected health information (PHI) and personally identifiable information (PII), and victims are often advised to remain vigilant against...

2 NJ Printing Companies Fined for HIPAA Violations, PHI Exposure

by Jill McKeon

Two New Jersey-based printing companies agreed to pay a fine of $130,000 for potentially committing HIPAA violations and New Jersey Consumer Fraud Act (CFA) violations through protected health...

Philips TASY EMR Vulnerabilities May Expose Patient Data

by Jill McKeon

Philips disclosed two security vulnerabilities in its TASY EMR HTML5 system in a recent advisory that may allow for patient data exposure. If exploited, unauthorized users could potentially exfiltrate...

Organization-Wide PHI Access is Commonplace at Most Healthcare Orgs

by Jill McKeon

On average, nearly 20 percent of files were open to every employee at a given healthcare organization starting on their first day of employment, pointing to troubling data security issues and poor PHI...

Exploring Zero Trust Security in Healthcare, How It Protects Health Data

by Jill McKeon

Under the watchful eye of a zero trust security model, no device or user is automatically trusted before being vetted by strict authentication processes. Zero trust is not a single technology or tactic, but a set of cyber defenses that...

De-Identification of PHI According to the HIPAA Privacy Rule

by Jill McKeon

De-identification of protected health information (PHI) can help researchers glean valuable insights about population health, aid in healthcare policymaking, and bolster other research ventures. Once PHI is de-identified and can no longer...

Workers Report Burnout Due to Healthcare Cybersecurity Concerns

by Jill McKeon

Physician burnout was a growing problem prior to the pandemic, but other healthcare professionals are reporting significant levels of burnout as well, according to a survey conducted by Spok. Over 50...

Guardian Patient Portal Access Impacts Adolescent Patient Privacy

by Jill McKeon

Over 64 percent of parents or guardians have accessed their child’s patient portal and viewed outbound messages at least once, showing a need to address adolescent patient privacy and...