Recent HIPAA News

Gateway Rehabilitation Center (Gateway Rehab) based in Pennsylvania recently reported that it encountered an incident causing access problems to selected systems. Gateway Rehab detected the incident on June 13, 2022 and took quick action to [...]

Wright & Filippis, the prosthetics, orthotics, and accessibility service provider based in Rochester Hills, MI has just reported that it encountered a ransomware attack on its system. The attack happened from January 26 to January [...]

There was a worldwide upsurge in cyberattacks in Quarter 3 of 2022. Attacks increased by 28% in contrast to the same period in 2021. Attacks today occur at an average rate of 1,130 every week, [...]

Compliancy Group has recently confirmed that dentistry practice Dental Oasis, (Inku & Myung Dental Inc.) based in Inglewood, CA has an efficient HIPAA compliance program. Dental practices are categorized as covered entities according to the [...]

Salud Family Health Gives Latest News on September 2022 Ransomware Attack Salud Family Health based in Colorado, a Federal Qualified Health Center (FQHC), just gave the latest information on a cyberattack that happened in September [...]

Governor Tom Wolf of Pennsylvania just approved Senate Bill 696. The bill broadens the definition of personal information that is covered in the Breach of Personal Information Notification Act which requires the issuance of notifications [...]

CommonSpirit Health has just given news updates about the development of its recovery effort in response to the October 2022 ransomware attack that impacted numerous services throughout its network. The health system discovered the attack [...]

The Health Sector Cybersecurity Coordination Center (HC3) has lately provided information on the tactics, techniques, and procedures related to Venus ransomware attacks. It gave a number of tips about mitigations that healthcare groups can carry [...]

CommonSpirit Health has lately given an announcement about the development that has been done in recouping from a ransomware attack in October 2022 that impacted a lot of services throughout its network. The health system [...]

A number of anesthesia service providers have reported that they were impacted by a data breach encountered by their management services organization (MSO). In October, 13 anesthesia services providers to hospitals were impacted by the [...]

President Biden proclaimed November to be observed as Critical Infrastructure Security and Resilience Month. It is a month focused on increasing understanding of the requirement to enhance critical infrastructure and toning up the strength of [...]

The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has published a YouTube video that tells at length how the HITECH Act amendment in 2021 concerning “Recognized Security Practices” is applicable [...]

Passwords are an affordable and easy way of authentication. Although passwords offer a high level of security, the fact is that they are a weak spot that threat actors frequently exploit to acquire access to [...]

Private practice Neurology MIND Care PLLC based in Merrick, NY offers cognitive behavioral neurology and dementia consultation services. Compliancy Group recently certified Neurology MIND Care as having an effective HIPAA compliance program. Because Neurology MIND [...]

The U.S. government is working on enhancing critical infrastructure cybersecurity. The White House has chosen the healthcare, communications, and water sectors as the next priority areas. The White House is about to release new guidance [...]

VisionWeb Holdings based in Austin, TX, a company providing the eye care industry with Internet-delivered software solutions for enhancing practice efficiency, lately submitted a data breach report to the HHS’ Office for Civil Rights indicating [...]

Cybercriminals extensively target the healthcare industry in order to access healthcare networks for a variety of nefarious uses. Why are healthcare records remarkably valuable to criminals? Hackers do a lot to gain access to healthcare [...]

Radiology Associates of Albuquerque (also known as RAA Imaging/Advanced Imaging, LLC) has lately informed patients about the theft of some of their protected health information (PHI) in a cyberattack that was discovered over A year [...]

Aesthetic Dermatology Associates based in Pennsylvania has lately confirmed that unauthorized individuals accessed its network and possibly viewed and/or obtained files that contain the personal data and protected health information (PHI) of 33,793 present and [...]

Cardiac Imaging Associates based in Los Angeles, CA, has found out that an unauthorized person got access to the email account of an employee. The healthcare provider discovered the incident in April 2022, and took [...]

Cytometry Specialists, Inc., conducting business as CSI Laboratories based in Alpharetta, GA, has lately reported that an unauthorized person accessed the email account of a worker and could have seen or acquired the protected health [...]

CommonSpirit Health is dealing with a data security incident that has impacted a lot of its healthcare services. Based on an October 4, 2022 statement released by the health system, IT systems were inaccessible online [...]

Managed services provider (MSP) CGuilbert Technologies based in Milwaukee, WI provides managed IT solutions to the healthcare and education industries. It recently confirmed taking the needed steps to be in compliance with the HITECH Act [...]

Microsoft was cautioned about the exploitation in the wild of two zero-day vulnerabilities in Microsoft Exchange Server. It has discussed mitigations prior to the patching of the vulnerabilities. The two vulnerabilities are being linked together [...]

A warning was released to the healthcare and public health (HPH) community regarding a Monkeypox phishing campaign attacking U.S. healthcare providers that tries to steal Office 365, Outlook, and other email account credentials. Monkeypox is [...]

Google Meet is an innovative VoIP and videoconferencing program that healthcare providers can use to deliver telehealth services, remote consultation services, and virtual patient sessions. However, is Google Meet compliant with HIPAA? Google Meet is [...]

The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has informed 38,765 patients about the potential compromise of some of their protected health information (PHI) in a cyberattack that happened approximately on July 11, 2022. [...]

The Federal Bureau of Investigation (FBI) has released a TLP:WHITE Private Industry Notification notifying about persistent cybercriminal efforts attacking healthcare payment processors that endeavor to direct victim payments to accounts controlled by the attackers. These [...]

The Federal Bureau of Investigation (FBI) has given a private industry notification alert concerning the growing number of vulnerabilities in healthcare devices. When medical devices aren’t immediately patched and are operating on obsolete programs, malicious [...]

Emerging technologies could transform the healthcare sector. Although there are lots of potential advantages, these technologies could bring risks that can endanger patient privacy and security. When vulnerabilities aren’t appropriately dealt with, threat actors can [...]

Rapid 7 researchers found four vulnerabilities in Baxter and Sigma Spectrum infusion pumps. These devices are employed to supply patients with medications and nutrition. These TCP/IP enabled-devices are typically linked to healthcare networks. Vulnerabilities can [...]

RabbitSign based in Palo Alto, CA. is now certified by Compliancy Group’s compliance specialists as providing a free-to-use, unlimited e-signing solution that is compliant with the HIPAA Rules. RabbitSign was created at the time of [...]

The HHS’ Office of Inspector General (OIG) has required the Health Resources and Services Administration (HRSA) to enhance supervision of the cybersecurity of the Organ Procurement and Transplantation Network (OPTN). The OPTN is a nationwide [...]

Five vulnerabilities were found in CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor of Contec Health. A threat actor could exploit the vulnerabilities to carry out a denial-of-service attack, gain access to a root shell, [...]

CorrectHealth Notifies 54,000 Patients About the Email System Breach in November 2021 CorrectHealth based in Alpharetta, GA is sending notifications to patients regarding a breach of its email accounts. The security breach was identified on [...]