Recent HIPAA News
-
Parker-Hannifin Cyberattack Affects About 120,000 Health Plan Members Parker-Hannifin Corporation based in Cleveland, OH, a company offering motion and control technologies, lately announced that unauthorized people have obtained access to a section of its IT [...]
-
Based on the latest security advisory released by the Five Eyes Cybersecurity agencies in the U.K., U.S., Australia, Canada, and New Zealand, the most frequent attack vectors cyber threat actors use for preliminary access to [...]
-
The medical equipment organization NuLife Med LLC based in Manchester, NH, has just announced that it encountered a cyberattack in March 2022. It discovered suspicious network activity on or approximately March 11, 2022, and took [...]
-
The nonprofit health system Christus Health based in Irving, TX operates over 600 healthcare establishments in Arkansas, Texas, New Mexico, and Louisiana. It has been reported recently that it discovered suspicious activity with its computer [...]
-
Unauthorized persons have acquired access to the computer systems of Eye Care Leaders, which is an electronic health records and patient management software solutions provider for eye care clinics. On or around December 4, 2021, [...]
-
The tactics, techniques, and procedures (TTPs) employed by ransomware and other cyber attackers are always changing to elude identification and enable the groups to carry out more successful attacks. The Department of Health and Human [...]
-
A new bill was presented to address the issue of cybersecurity of medical devices that will necessitate makers of medical devices to satisfy particular minimum criteria for cybersecurity with regard to the complete lifecycle of [...]
-
Class action lawsuits were lately filed against Oregon Anesthesiology Group and Partnership Health Plan in Northern California because of ransomware attacks that resulted in the theft of sensitive patient/plan member information. Partnership Health Plan of [...]
-
Healthplex Inc., one of the largest dental insurance providers located in New York state, has announced the compromise of an employee’s email account during a phishing attack on November 24, 2021. Upon discovery of the [...]
-
The National Institute of Standards and Technology (NIST) released an updated version of the cybersecurity supply chain risk management (C-SCRM) guidance to aid businesses in developing an effective plan for identifying, evaluating, and responding to [...]
-
Making and remembering long, complicated passwords is hard for many individuals, and it is made even more difficult because of the need to make passwords to protect several accounts – A study by NordPass advises [...]
-
May 5, 2022 is World Password Day. This event was established in 2013 and is observed every first Thursday of May with the objective of bettering understanding of the value of using complex and unique [...]
-
The Five Eyes security agencies, a group of intelligence agencies from Canada, Australia, New Zealand, the United States, and the United Kingdom have released a joint advisory regarding the 15 vulnerabilities in software programs and [...]
-
American Addiction Centers (AAC), a group of treatment centers for people battling drug dependency, alcohol dependency, and co-occurring behavioral/mental health problems, was lately affirmed as having reached compliance with all of the required criteria of [...]
-
Smile Brands located in Irvine, CA offers support services for dental clinics. It just gave a new report on the number of persons affected by a ransomware attack, which was uncovered on April 24, 2021. [...]
-
HIPAATizer.com offers web developers its all-in-one WordPress plugin and form builder to create HIPAA-compliant websites. It has received its certification of compliance with all criteria of the HIPAA Regulations that are applicable to business associates [...]
-
The five eyes cybersecurity agencies have lately published a joint security advisory regarding the danger of cyberattacks on critical infrastructure carried out by pro-Russia cybercriminal groups and Russian nation-state threat actors. Intelligence collected by the [...]
-
Georgia Pines CSB and Ballard Health recently reported security breaches that affected the protected health information (PHI) of 28,295 people. Ballad Health Finds Breach Involving Employee Email Account Ballard Health, an integrated community health improvement [...]
-
The Federal Bureau of Investigation (FBI) has given a TLP: WHITE flash notification regarding the BlackCat ransomware-as-a-service (RaaS) operation. BlackCat, also called ALPHAV, which began in November 2021. It was released immediately after the shutdown [...]
-
The HHS’ Office of Information Security Health Sector Cybersecurity Coordination Center (HC3) has released a TLP: White alert concerning the Hive ransomware gang – A specifically hostile cybercriminal operation that has substantially attacked the healthcare [...]
-
For the fourth month now, there has been a drop in the number of reported healthcare data breaches. March 2022 had 43 healthcare data breaches involving 500 and up records reported to the U.S. Department [...]
-
Newman Regional Health (NRH), which manages a 25-bed critical access hospital located in Emporia, KS, has lately begun informing 52,224 individuals that unauthorized persons have acquired access to selected employee email accounts containing protected health [...]
-
Legal action was taken versus the in-home respiratory care company, SuperCare Health, because of a cyberattack and information breach report sent to the Department of Health and Human Services as of March 28, 2022. The [...]
-
Resources for Human Development Breach Impacts 46,673 Persons Resources for Human Development (RHD), a national human services non-profit group based in Philadelphia, PA, has recently reported the theft of a hard drive that contains the [...]
-
There were five zero-day vulnerabilities found in Aethon TUG autonomous mobile robots, which hospitals around the world use for transporting products, medicines, and other medical items. Hospital robots are alluring targets for hackers. When access [...]
-
Due to the latest data breach at Mailchimp, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) gave an alert regarding the risk of phishing attacks utilizing this email marketing service. [...]
-
The U.S. Food and Drug Administration (FDA) has released new draft guidance to help medical device companies integrate cybersecurity features into their merchandise at the premarket phase, and to make sure safety risks are taken [...]
-
Charleston Area Medical Center Breach Had 54,000 Victims Charleston Area Medical Center (CAMC) located in Charleston, WV, has just announced a phishing attack that allowed unauthorized individuals to get access to the email accounts of [...]
-
SuperCare Health based in Downey, CA, a provider of post-acute, in-home respiratory care in the Western United States, recently began informing 318,379 individuals about the exposure of some of their protected health information (PHI) and [...]
-
Two remote code execution vulnerabilities were discovered in the Spring platform – a well-known application framework utilized by software creators for quickly creating Java apps. Proof-of-concept exploits for the two vulnerabilities can be found in [...]
-
An audit of Health Insurance Exchange of Connecticut, Access Health CT, by the state auditor indicated that Access Health CT experienced 44 data breaches in the period of 3.5 years and did not completely report [...]
-
Partnership Health Plan of California Getting back from Alleged Ransomware Attack The nonprofit managed care health plan based in Fairfield, CA, Partnership Health Plan of California (PHC), experienced a cyberattack that resulted in the shut [...]
-
$7 Billion Lost Every Year Because of Fraud Rep. Ted Archer explained a Congressional Report to the House Ways and Means Committee in March 1996. The report exposed the degree of abuse and fraud in [...]
-
Conti Ransomware Gang Owns Responsibility for CSI Laboratories Cyberattack Cytometry Specialists, Inc. also known as CSI Laboratories in Alpharetta, GA, has lately announced that it encountered a cyberattack that was noticed on February 12, 2022. [...]
-
$50,000 Civil Monetary Penalty Paid by Dental Practice for Social Media HIPAA Violation OCR investigated Dr. U. Phillip Igbinadolor, D.M.D. & Associates, P.A., (UPI), dental practice managing offices in Monroe and Charlotte, NC after a [...]
-
Horizon Actuarial Services and the Clinic of North Texas have just announced breaches of the protected health information (PHI) of patients and plan members. Data Theft and Extortion Incident at Horizon Actuarial Services Horizon Actuarial [...]
-
Two bipartisan senators introduced a new bill that aspires to enhance the cybersecurity of the healthcare and public health (HPH) industry, in consideration of the current White House alert about the growing danger of Russian [...]
-
The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has published its 2021 Internet Crime Report, which shows that critical infrastructure organizations had about 649 ransomware attacks between June 2021 and December 2021. [...]
-
Present Biden has released an alert regarding the growing threat of cyberattacks conducted by Russian state-sponsored hackers due to the economic sanctions enforced on the country as a reply to the attack on Ukraine. President [...]
-
For the 3rd consecutive month, there is a decrease in the number of data breaches submitted to the HHS’ Office for Civil Rights (OCR). February had 46 healthcare data breaches involving 500 and up records [...]
-
A woman was sentenced to 15 months imprisonment for being involved in a plan to defraud patients of a medical clinic based in Metairie, LA. In 2015, three persons were captured in association with the [...]
-
The IT firm, Ruffian Software, Mauldin SC has finished the HIPAA compliance process designed by Compliancy Group and was affirmed as having enforced an efficient HIPAA compliance program. Ruffian Software provides electronic privileged account management [...]
-
The U.S. Department of Justice (DOJ) has reported the settlement agreed with the healthcare services company, Comprehensive Health Services (CHS) located in Cape Canaveral, FL to resolve alleged False Claims Act violations. This is the [...]
-
South Denver Cardiology Associates (SDCA) has recently stated that it encountered a cyberattack last January 2022 that resulted in the access and potential theft of files comprising patient information by attackers. Unusual network activity was [...]
-
Posted, a company offering AI-driven tools to relieve the management burden on healthcare companies, received certification from Compliancy Group that it has implemented an efficient HIPAA compliance program. Posted offers services to healthcare companies including [...]
-
Logan Health and subsidiary, sister, and related entities are facing legal action because of a data breach that happened in 2021 and impacted 213,543 patients of Logan Health Medical Center. Law firm Heenan & Cook [...]
-
Duncan Regional Hospital Duncan Regional Hospital based in Oklahoma has reported that cybercriminals acquired access to its networks and possibly exfiltrated sensitive data of patient and employees. The hospital detected the breach on January 20, [...]
-
The Compliancy Group has already confirmed that Halifax County Public Health System (HCPHS) has enforced a good HIPAA compliance program. HCPHS is under the North Carolina Public Health statewide system and supports and adds to [...]
-
Bible Fellowship Church Homes, Inc. doing business as Fellowship Community based in Whitehall, PA, has just announced a cyberattack it discovered on August 6, 2021. Digital forensics specialists investigated the incident and confirmed that unauthorized [...]
-
Monongalia Health System (Mon Health) based in West Virginia has reported a cyberattack that resulted in the exposure of the patient, worker, and contractor information. This is the second big data breach reported by the [...]