Recent HIPAA News

Eastern Los Angeles Regional Center learned that an unauthorized person had accessed the email account of one of its employees. On July 15, 2021, the center noticed suspicious activity in the email account and performed [...]

Family Medical Center of Michigan (FMC) located in Temperance, MI has advised 21,988 patients regarding a July 2020 ransomware attack that resulted in the potential compromise of their protected health information (PHI). FMC stated that [...]

August 2021 had 44% less number of reported healthcare data breaches. Healthcare providers, health plans, and their business associates reported 38 healthcare data breaches involving 500 or more records. Including August’s reported data breaches, the [...]

The Alaska Department of Health and Social Services (DHSS) is about to begin mailing notification letters to all people in the state to let them know about the potential compromise of their personal and health [...]

Austin Cancer Centers is notifying 36,503 patients regarding the compromise of some of their protected health information (PHI) because of a security incident identified on August 4, 2021. Unauthorized people were learned to have acquired [...]

California’s Department of State Hospitals – Coalinga (DSH-C) has informed 1,738 patients about the impermissible disclosure of some of their protected health information (PHI) by a DSH-C employee. The United States District Court, Eastern District [...]

Creators of health applications and wearable devices like fitness trackers that get health information received a warning from the Federal Trade Commission (FTC) that they must abide by the FTC Health Breach Notification Rule and [...]

The protected health information (PHI) of 116,898 patients of HealthReach Community Health Centers based in Waterville, MA was exposed and possibly compromised. HealthReach Community Health Centers manages 11 community health centers located in Western and [...]

On June 25, 2021, Mental health service provider Wedge Recovery Centers based in Philadelphia, Pennsylvania, found suspicious activity in its computer network that suggested unauthorized persons had accessed its systems. The provider immediately took steps [...]

Denton County in Texas has identified a vulnerability in a third-party provider software utilized in association with the personal health information (PHI) of individuals that was possibly exploited by unauthorized people. The software was utilized [...]

The Cybersecurity and Infrastructure Security Agency (CISA) has refreshed its listing of cybersecurity bad practices that should be eliminated. Cyber threat actors frequently carry out highly sophisticated attacks to obtain access to internal systems and [...]

New research of breach reports sent to the Department of Health and Human Services’ Office for Civil Rights has shown that outpatient facilities and specialty clinics were attacked by cyber threat actors more often than [...]

Atlanta Allergy & Asthma has begun sending notifications to 9,851 patients regarding a January 2021 cyberattack whereby their protected health information (PHI) was exposed and possibly breached. Atlanta Allergy & Asthma stated its investigation into [...]

San Andreas Regional Center located in San Jose, CA has begun informing patients regarding the potential compromise of their PHI in a ransomware attack in July 2021. On July 5, its systems and servers were [...]

Metro Infectious Disease Consultants is informing 171,740 patients concerning an email security incident uncovered on June 24, 2021. An unauthorized person had acquired access to some employees’ email accounts which included the protected health information [...]

HIPAA-covered entities and their business associates are still reporting big numbers of healthcare data breaches. July had 70 reported data breaches involving at least 500 records, which means having 2 or more data breaches reported [...]

St. Joseph’s/Candler (SJ/C) hospital system located in Savannah, GA had been attacked by ransomware on June 17, 2021 at approximately 4 a.m. After becoming aware of the suspicious activity in its system, SJ/C quickly worked [...]

At the beginning of August, a hacker contacted Dissent of DataBreaches.net and professed to have acquired access to the systems of an HVAC vendor and the systems of its customers, such as Boston Children’s Hospital. [...]

The personal information of 750,000 Hoosiers gathered together with a COVID-19 contact tracing survey performed by the Indiana Department of Health was exposed on the internet and downloaded by an organization not allowed to get [...]

Ransomware attacks on hospitals can result in massive financial deficits, just like what the Ryuk ransomware attack did on Universal Health Services. UHS is one of the biggest healthcare companies in America and runs 26 [...]

USA Waste-Management Resources, LLC has begun informing a number of employees, ex-employees, and dependents covered by its self-managed health plan regarding the potential compromise of some of their personal data and protected health information (PHI) [...]

The email accounts of some employees of Children’s Hospital of The King’s Daughters (CHKD) based in Norfolk, VA were compromised in a phishing attack. CHKD stated in its August 10, 2021 breach notification that the [...]

The Journal of the American Medical Informatics Association (JAMIA) published a recent study that sought to determine the connection of cybersecurity risk ratings to healthcare data breaches. The study was carried out utilizing hospital cybersecurity [...]

NCH Corporation based in Irving, TX, a global marketer of maintenance products, submitted a report concerning an alleged ransomware attack. The company detected suspicious network activity inside its networks on March 5, 2021, that made [...]

Ransomware attacks have gone up considerably in the last 12 months, nevertheless, phishing attacks still bring about problems for companies, based on a recent survey done by Arlington Research together with security company Egress. Nearly [...]

Nine critical vulnerabilities were found in the Swisslog Healthcare Translogic Pneumatic Tube System (PTS) stations’ Nexus Control Panel, which are utilized in over 80% of big hospitals in the U.S.A. Pneumatic tube systems are employed [...]

Kubernetes is a well-known open-source cloud tool for deploying and running containerized applications. Lately, there were a number of security breaches that allowed hackers to get access to badly secured Kubernetes accounts to steal sensitive [...]

Curogram, a texting and telemedicine platform provider, has exhibited its dedication to comply with the Health Insurance Portability and Accountability Act (HIPAA) Regulations. Compliancy Group has confirmed Curogram to have executed an efficient HIPAA compliance [...]

Harris County in Texas has uncovered that the personal and health information (PHI) of thousands of people were exposed on the internet. It is likely that unauthorized individuals may have accessed this data. Under Harris [...]

Based on the newest report from ransomware incident response firm Coveware, there is a 38% decline in the average ransom payment made by victims of ransomware attacks between Q1 and Q2, 2021. Q2’s average ransom [...]

2020 was notably bad for the healthcare sector considering the record numbers of reported data breaches. Ransomware was a big threat. Emsisoft identified 560 ransomware attacks on healthcare companies last 2020. According to Comparitech, the [...]

The Cancer Center at Greenwood Leflore Hospital (CCGLH) in Mississippi informed its patients about the Elekta ransomware attack as a preventative measure to avert identity theft and fraud. Elekta notified CCGLH on May 17 regarding [...]

The Nebraska Department of Health and Human Services has made an announcement about a security incident that involved the protected health information (PHI) of clients of Aging Partners, a department of the City of Lincoln. [...]

Oklahoma Heart Hospital has begun informing a number of patients regarding a privacy incident wherein paperwork that contains some patient data was unintentionally contributed to charity. A former worker had written notes by hand that [...]

For three successive months, there has been an increase in the number of reported healthcare data breaches involving at least 500 records. June had 70 data breaches involving at least 500 records reported to the [...]

University Medical Center of Southern Nevada (UMC) has encountered a ransomware attack and had patient data stolen. The medical center said it identified suspicious activity within the hospital system in mid-June and had taken fast [...]

Another three healthcare providers made an announcement that they were affected by the recent ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery solution provider. Elekta has a cloud-based mobile app known as [...]

Sierra Nevada Primary Care Physicians based in California is notifying 1,717 patients regarding an incident that resulted in the stealing of selected protected health information (PHI), which includes names and credit card details. The District [...]

The protected health information (PHI) of around 30,063 Florida Blue (Blue Shield of Florida and Blue Cross) members might have been seen or acquired during a brute force attack on the online member portal of [...]

Like California and Virginia, Colorado has passed a comprehensive data privacy law to protect state locals. There were several amendments made before the Colorado Privacy Act went over the line. The state Senate finally passed [...]

Coastal Family Health Center (CFHC), the fourth biggest community health center based in Mississippi, has begun informing patients regarding a May 13, 2021 cyberattack that compromised some of their protected health information (PHI). CFHC stated [...]

According to a new NBC4 Investigates Report, a breach of the Ohio State University’s (OSU) pilot program that assists veterans to recuperate from Post Traumatic Stress Disorder (PTSD) and other psychological health problems led ot [...]

The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has released a new information that details cybersecurity bad practices, which are extremely harmful and considerably increase threat to critical infrastructure. There are a lot of publicized [...]

Five Rivers Health Centers located in Ohio has advised 155,748 patients regarding the unauthorized access to some of their protected health information (PHI) contained in email accounts as a consequence of a phishing attack. There [...]