Calculated HIPAA

A Calculated Approach to HIPAA Compliance

  • HIPAA Violation News
  • HIPAA Updates
  • HIPAA Advice
  • HIPAA Compliance
    • HIPAA Law
  • HIPAA Violations
  • HIPAA Training
  • HIPAA Penalties
Home2019

Year: 2019

Termination of a Former Exployee of Ann & Robert H. Lurie Children’s Hospital of Chicago for Unauthorized Access of Patient Records

December 31, 2019 Site Editor

Ann & Robert H. Lurie Children’s Hospital of Chicago, which is a pediatric specialty hospital, found out that an ex-employee accessed certain patients’ medical records without having an authorized work reason. The employee’s unauthorized action […]

Healthcare Data Breach Report Summary in November 2019

December 30, 2019 Site Editor

In November 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) received 33 healthcare data breach reports with 500 or more records, which is 36.5% less than the reported breaches in […]

Patients Filed a Lawsuit Against DCH Health System Over the October Ransomware Attack

December 27, 2019 Site Editor

The Northern District of Alabama filed a lawsuit against DCH Health System in the Western Division of U.S. District Court because of a ransomware attack that happened on October 1, 2019. The ransomware attack forced […]

Korunda Medical Was Penalized $85,000 for HIPAA Right of Access Failures

December 26, 2019 Site Editor

The second enforcement action was issued by the Department of Health and Human Services’ Office for Civil Rights as per the HIPAA Right of Access Initiative. Korunda Medical in Florida agreed to resolve potential violations […]

House Energy and Commerce Committee Released a Discussion Draft of Federal Data Privacy Bill

December 25, 2019 Site Editor

The House Energy and Commerce Committee released a draft of the discussion of a new bipartisan data privacy bill. The bill concerns the national standards for privacy and security and plans to put limits on […]

Compliancy Group Webinar on Lessons and Examples from 2019 HIPAA Breaches and Fines

December 24, 2019 Site Editor

The Department of Health and Human Services’ (HHS) Office for Civil Rights had another busy year with HIPAA enforcement. To date in 2019, OCR imposed 9 financial penalties on HIPAA covered entities and business associates […]

15 Million Customers Affected by Ransomware Attack on LifeLabs in Canada

December 23, 2019 Site Editor

LifeLabs located in Toronto, one of the biggest Canadian medical testing and diagnostics companies, submitted a serious data breach report. Hackers possibly viewed the personal and medical information of around 15 million individuals, mostly residents […]

Tidelands Health Malware Attack and Children’s Hope Alliance Laptop Computer Theft

December 20, 2019 Site Editor

Tidelands Health located in Georgetown, SC, is working 24 / 7 to reestablish its computer systems after discovering malware on its system on December 12, 2019. The malware attack has compelled the healthcare company to […]

Poor Implementation of RSA Encryption Allows Attacks on Medical Devices and Implants

December 19, 2019 Site Editor

Encryption makes data unavailable to unauthorized people, as long as strong encryption is utilized and the private key to decrypt information isn’t compromised. Not all encryption algorithms give a similar protection level. The effectiveness of […]

Theft of Stolen Devices Contain PHI of Truman Medical Centers and La Clínica de La Raza Patients

December 18, 2019 Site Editor

Truman Medical Centers located in Kansas City, MO, the biggest inpatient and outpatient services provider in the city, learned that an unencrypted laptop computer that contains 114,466 patients’ protected health information (PHI) was stolen from […]

Blue Cross Blue Shield of Minnesota Begins Fixing 200,000 Critical and Severe Vulnerabilities

December 17, 2019 Site Editor

Blue Cross Blue Shield of Minnesota, the state’s biggest health insurance provider, is currently working to resolve about 200,000 unaddressed vulnerabilities identified on its servers, some of which are over ten years old. In August […]

Smile Metrics Consulting Receives HIPAA Seal of Compliance

December 16, 2019 Site Editor

Smile Metrics Consulting, a dental marketing consulting company, has finished the 6-Stage HIPAA risk analysis and remediation process of the Compliancy Group and showed it implements a reliable HIPAA compliance program. Smile Metrics Consulting assists […]

Phishing Attack at Cheyenne Regional Medical Center Compromised Patient Data

December 13, 2019 Site Editor

Cheyenne Regional Medical Center located in Wyoming lately discovered the compromise of patient data because of a phishing attack in April. On or around April 5, 2019, the medical center received notification concerning a potential […]

Phishing Attacks on Sunrise Community Health and Katherine Shaw Bethea Hospital

December 12, 2019 Site Editor

Sunrise Community Health based in Evans, CO discovered the compromise of several employees’ email accounts because its employees responded to phishing emails. Unauthorized individuals accessed the email accounts from September 11, 2019 to November 22, […]

Compliancy Group Certified Adstream as HIPAA Compliant

December 11, 2019 Site Editor

Compliancy Group has declared the full compliance of Adstrem, a global advertising technology, and services provider, with the Health Insurance Portability and Accountability Act (HIPAA). The Group also confirms its effective HIPAA compliance plan. Adstream […]

Banner Health Settlement of Breach Lawsuit Costs $6 Million

December 10, 2019 Site Editor

In June 2016, Banner Health sustained a data breach which resulted in the theft of the protected health information (PHI) of 2.9 million people. Victims of the breach filed a class-action lawsuit in August 2016. […]

Data Breaches at Southeastern Minnesota Oral & Maxillofacial Surgery and Elizabeth Family Health

December 9, 2019 Site Editor

Southeastern Minnesota Oral & Maxillofacial Surgery (SEMOMS) made an announcement a ransomware attack that caused the potential exposure of the protected health information (PHI) of about 80,000 patients. The ransomware attack was seen on September […]

Solara Medical Supplies Faces Lawsuit Over 114,000-Record Data Breach

December 6, 2019 Site Editor

Solara Medical Supplies is confronted with a lawsuit involving a data breach in June 2019 resulting in the exposure of the protected health information (PHI) of over 114,000 customers and the potential data theft by […]

Legal Action Filed Against Kalispell Regional Healthcare Due to the 130,000-Record Data Breach

December 5, 2019 Site Editor

Kalispell Regional Healthcare based in Montana is getting sued as a consequence of a phishing attack that made it possible for hackers to get access to the email accounts of employees that have the protected […]

Nebraska Medicine Insider Data Breach and Presbyterian Healthcare Services Phishing Attack

December 4, 2019 Site Editor

Nebraska Medicine learned that a member of its staff got access to patients’ healthcare data without any authorized work reason for a time period of about three months. Nebraska Medicine uncovered the privacy violation while […]

Phishing Attacks on Comprehensive Sleep Care Center and McLaren Health Plan Potentially Impact PHI

December 3, 2019 Site Editor

Loudoun Medical Group, also called the Comprehensive Sleep Care Center (CSCC), had a phishing attack some time on June 19, 2019. The IT department was cautioned regarding a potential email security breach upon detecting suspicious […]

Patients Could Make Use of the New Alexa Healthcare Skill to Process Their Prescribed Medicines

December 2, 2019 Site Editor

Amazon’s Alexa now features a new healthcare skill that patients may employ in handling their prescription drugs and purchasing prescription refills. At the beginning of this year, Amazon stated that it has made a HIPAA-eligible […]

Sentara Hospitals Agreed to Pay $2.175 HIPAA Settlement for Breach Notification Rule and BAA Failures

November 29, 2019 Site Editor

The 8th HIPAA financial penalty of 2019 has been announced by the Department of Health and Human Services’ Office for Civil Rights (OCR). Sentara Hospitals has made an agreement to pay a penalty of $2.175 […]

The Highest Level of Phishing Attacks Since 2016

November 28, 2019 Site Editor

The Anti-Phishing Working Group’s Phishing Activity Trends Report for Q3, 2019 stated that the rate of phishing attacks now is at a rate that is the highest since 2016. In Q3 of 2019, there were […]

Project Venture Allows Google to Access Ascension Patients Health Records

November 27, 2019 Site Editor

Google has affirmed the news of its partnership with one of the biggest U.S. healthcare systems so that it could access a substantial volume of patient information. Google partnered with Ascension, which is the world’s […]

Breaches at Brooklyn Hospital Center and Washington University School of Medicine Compromised PHI

November 26, 2019 Site Editor

Brooklyn Hospital Center in New York announced a security breach that happened in late July 2019 involving malware installation on some hospital servers. The quick discovery of the incident minimized the problems caused since safety […]

Ransomware Attack on Wisconsin IT Company Impacts Nursing Homes and Acute Care Facilities

November 25, 2019 Site Editor

A ransomware attack on Virtual Care Provider Inc. (VCP), a provider of data storage, internet, and email services, cybersecurity, and other IT services in Wisconsin, resulted in the encryption of the healthcare records and other […]

Eagle Consulting Group Receives HIPAA Seal of Compliance

November 23, 2019 Site Editor

Eagle Consulting Group, a managed service provider based in Anchorage, AK , was certified by Compliancy Group as HIPAA-compliant. Eagle Consulting Group provides a lot of clients, even in the healthcare industry, with proactive IT […]

Phishing Attacks on Choice Cancer Care Treatment Center and CAH Holdings Impacts PHI

November 22, 2019 Site Editor

A phishing attack on Choice Cancer Care Treatment Center (CCCT) in May 2019 resulted in the potential access of the protected health information (PHI) of some patients by unauthorized people in May 2019. CCCT is […]

9,800 Records of Aegis Medical Group Patients Potentially Accessed by a Former Employee Without Authorization

November 20, 2019 Site Editor

Aegis Medical Group, a physician group in Florida, began informing 9,800 patients regarding the potential access of their protected health information (PHI) by a former employee. Allegedly, that person tried to sell patient data to […]

Phishing Attacks on Solara Medical Supplies and Select Health Network Report Compromised Patient PHI

November 19, 2019 Site Editor

A phishing attack on Solara Medical Supplies, LLC in Chula Vista, CA, resulted in the potential compromise of the protected health information (PHI) of a lot of its customers. Solara Medical discovered suspicious activity in […]

ProtoLytic, LLC Receives HIPAA Seal of Compliance Award

November 18, 2019 Site Editor

Compliancy Group confirmed ProtoLytic, LLC, a developer providing decision support tools to medical cost management in Tampa, FL as HIPAA-compliant. Healthcare providers use ProtoLytic tools to create patient treatment plans using evidence-based recommendations and demographic […]

93,000 Files of California Addiction Treatment Center Patients Compromised Online

November 15, 2019 Site Editor

A misconfigured AWS S3 storage bucket owned by Sunshine Behavioral Health, LLC, a network of drug and alcohol addiction rehabilitation centers based in San Juan Capistrano, CA resulted in the compromise of sensitive patient data. […]

Theft Incidents at Main Street Clinical Associates and Loyola Medicine Potentially Exposed PHI

November 14, 2019 Site Editor

Main Street Clinical Associates, PA. located in Durham, NC has notified a number of its patients regarding the potential compromise of some of their protected health information (PHI) because of the stolen devices from its […]

Phishing Attacks on Salem Health Hospitals & Clinics and Delta Dental of Arizona Exposed Patient Data

November 13, 2019 Site Editor

A phishing attack at Salem Health Hospitals & Clinics, Oregon on July 31, 2019 resulted in the access of some employees’ email accounts by an unauthorized person. The healthcare provider detected the breach within a […]

Compliancy Group Webinar Features The Guard Software Demo for HIPAA Compliance Support

November 12, 2019 Site Editor

Compliancy Group is going to host a webinar on November 20, 2019 at 14:00 ET. The webinar will feature a group demonstration of how to use The Guard, its software solution to HIPAA compliance. The […]

Healthcare Data Breach Costs in the Industry Could Go Up to $4 Billion in 2019

November 11, 2019 Site Editor

A new survey was done to know the expense connected with healthcare data breaches, the magnitude of the healthcare community attacked, and what proportion of the attacks become successful. The Black Book Market Research performed […]

Phishing Emails Sent to 5,764 Utah Valley Eye Center Patients After a Data Breach

November 8, 2019 Site Editor

Utah Valley Eye Center based in Provo, UT sent breach notification letters to patients concerning an unauthorized person that potentially accessed some of their personal information as a result of its scheduling reminder web portal’s […]

82,577 Texas Health Resources Patients Impacted by Impermissible Disclosure of PHI

November 7, 2019 Site Editor

A wrong configuration of the billing program of Texas Health Resources caused the impermissible disclosure of the health information of 82,577 of its patients. Texas Health Resources is one of the United States’ major faith-based […]

Technology Response Team Receives HIPAA Seal of Compliance

November 6, 2019 Site Editor

Compliancy Group declared Technology Response Team as an entity that has successfully finished its 6-stage HIPAA risk analysis and remediation procedure and has showed its compliance with the requirements of the HIPAA Security, Privacy, Breach […]

Microsoft Announcement on BlueKeep Vulnerability in Real World Attacks

November 5, 2019 Site Editor

Microsoft reported in May 2019 something about the BlueKeep exploit. It is a CVE-2019-0708 vulnerability, which is a serious remote code execution flaw identified in Windows Remote Desktop Services. The cybersecurity community anticipated the creation […]

The Guidance Center Discovers Unauthorized Email Account Access and File Deletion

November 4, 2019 Site Editor

The Guidance Center (TGC) in Avalon in California and Long Beach, Compton, San Pedro, a not-for-profit mental health care services provider to deprived kids and their families, had spotted a security breach in its digital […]

HHS Launches Version 3.1 of HIPAA Security Risk Assessment Tool

November 1, 2019 Site Editor

The HHS updated its HIPAA Security Risk Assessment Tool with a number of new features requested by users to enhance usability. The HHS Office of the National Coordinator for Health Information Technology (ONC) in cooperation […]

PHI Likely Exposed Because of Prisma Health Website Breach and Seattle Cancer Care Alliance Email Error

October 31, 2019 Site Editor

Because a data breach on the Palmetto Health site occurred, Prisma Health Midlands is informing about 19,000 patients and 3,000 employees. Prisma Health – earlier known as Palmetto Health – found out on August 29, […]

TitanHQ’s Exceptional Accomplishment in the MSP Market and Its Latest ‘Margin Maker for MSPs’ Program

October 31, 2019 Site Editor

TitanHQ, a provider of cloud security, has seen an exceptional increase in quarter three of 2019, having the most bustling quarter for its MSP enterprise all through its 20+ year history. The company grew into […]

Improper Disposal of Pharmacy Records from Smith’s Food & Drug Impacts 58,000 Patients

October 29, 2019 Site Editor

Smith’s Food & Drug based in Salt Lake City, OH has reported that around 58,000 patients’ pharmacy records were improperly disposed of. The grocery and drug store chain discovered the improper disposal on August 29, […]

Approval of Amendment to CCPA and California’s Data Breach Notification Law

October 28, 2019 Site Editor

California Governor Gavin Newsom affixed his signature on bill AB-1130 which revises the data breach notification law in California. The latest bill stretches the meaning of personal information impacting the need to issue notifications to […]

Vulnerability Discovered in Philips IntelliSpace Perinatal Information Management System

October 25, 2019 Site Editor

The vulnerability CVE-2019-13546 was discovered in the Philips IntelliSpace Perinatal obstetrics data management system. This vulnerability is remotely exploitable by a user of an authorized remote desktop session host application or a person that could […]

Geisinger Health Plan Members Notified About PHI Compromise Due to Business Associate Phishing Attack

October 24, 2019 Site Editor

Geisinger Health Plan based in Danville, PA found out that some of its members’ protected health information (PHI) was exposed because Magellan NIA, one of its business associates, had a suspected phishing attack. Magellan NIA […]

129,000 Patients Affected by Kalispell Regional Healthcare Phishing Attack

October 23, 2019 Site Editor

Kalispell Regional Healthcare in Montana had a security breach last summer and is informing around 129,000 patients about the potential compromise of their protected health information (PHI). Kalispell Regional Healthcare manages Kalispell Regional Medical Center, […]

Patient Data Potential Compromise Due to Ransomware Attacks on Monterey Health Center and Magnolia Pediatrics

October 22, 2019 Site Editor

Monterey Health Center in Milwaukie, OR encountered a ransomware attack, which began on August 12, 2019. Because of the incident, its electronic health records system was encrypted and made patient information inaccessible. With the assistance […]

Microsoft and NCCoE Collaboration on Creating Guidelines for Using a Reliable Enterprise Patch Management Strategy

October 21, 2019 Site Editor

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) and Microsoft launched a new project to create guidance on the development and implementation of an effective patch management strategy. After […]

Ransomware Guidance Updated by FBI in Response to the Extent of U.S. Ransomware Epidemic

October 18, 2019 Site Editor

A new report from Emsisoft, a New Zealand-based cybersecurity company, exposed the magnitude of ransomware usage in cyberattacks in America. 2019’s first 9 months had 621 reports of ransomware attacks on government agencies, healthcare companies, […]

Gartner Releases the 2019 Market Guide for Cloud Service Providers to Healthcare Delivery Organizations

October 17, 2019 Site Editor

The 2019 Market Guide for Cloud Service Providers to Healthcare Delivery Organizations (HDOs) has been published by Gartner. It includes a study of the healthcare cloud market and points out how the cloud may be […]

Proofpoint Report Shows Which Cyber Threat Do Healthcare Companies Mostly Encounter

October 17, 2019 Site Editor

A new Proofpoint report provides ideas on the cyber threats that healthcare companies run into and the most prevalent attacks that bring about healthcare data breaches. Proofpoint’s 2019 Healthcare Threat Report reveals the evolving threat […]

More Patient Data Compromised in the Hunt Regional Healthcare May 2018 Data Breach

October 16, 2019 Site Editor

Hunt Regional Healthcare based in Texas learned that a May 2018 cyberattack was more extensive than earlier thought. The FBI informed Hunt Regional on May 14, 2019 that an advanced, targeted cyberattack hit its systems […]

The First Healthcare-Specific Professional Cybersecurity Certification Program in the United States

October 14, 2019 Site Editor

The University of Texas at Austin McCombs School of Business introduced a special healthcare-specific professional cybersecurity certificate program. The professional leadership and educational program is the first healthcare targeted cybersecurity certification program to be made […]

Three DCH Health System Temporarily Shuts Down Because of Ransomware Attack

October 11, 2019 Site Editor

Three of DCH Health System’s hospitals in Alabama were forced not to accept new patients other than those in a critical state due to a ransomware attack. The staff in DCH Regional Medical Center in […]

CHI Health Ransomware Attack Impacts 48,000 Patients of Lakeside Orthopedic Clinic

October 10, 2019 Site Editor

CHI Health in Omaha, NE, a 14-hospital health system, had a ransomware attack, which led to the potential exposure of the protected health information (PHI) of close to 48,000 patients. CHI Health became aware of […]

Data Breach Expenditures Decreased by Over Fifty Percent With an Internal Security Operations Center Set Up

October 9, 2019 Site Editor

On behalf of Kaspersky Lab, a B2B International survey recently performed confirmed there is an increase in the average expense of a data breach at the enterprise-level from $1.23 million (2018) to $1.41 million. The […]

Another Phishing Attack Hits the Cancer Treatment Centers of America

October 8, 2019 Site Editor

Cancer Treatment Centers of America (CTCA) is informing some patients about the exposure of their protected health information (PHI) because of a phishing-related email security breach at its Southeastern Regional Medical Center, which happened on […]

More Cybercriminals Today Use Vendor Email Compromise Attacks

October 7, 2019 Site Editor

There has been an increase in the number of business email compromise (BEC) attacks in the United States. According to Symantec, an average of 6,029 businesses received BEC emails in the last 12 months and […]

Dental Practice To Pay $10,000 for Impermissible Discolsure of PHI on Yelp

October 4, 2019 Site Editor

The Department of Health and Human Services’ Office for Civil Rights consented to a negotiation with Elite Dental Associates concerning its HIPAA violation case relating to the impermissible disclosure of protected health information (PHI) of […]

FDA Issues Warning URGENT/11 for Cybersecurity Vulnerabilities Found in Medical Devices

October 3, 2019 Site Editor

Armis Security researchers found 11 vulnerabilities in the Interpeak IPnet TCP/IP Stack, which is a third-party software part utilized in some medical devices and hospital networks. The DHS Cybersecurity and Infrastructure Security Agency (CISA) received […]

Potential Compromise of PHI Due to Cybersecurity Breach at North Florida OB-GYN

October 2, 2019 Site Editor

North Florida OB-GYN located in Jacksonville, FL found out that hackers acquired access to selected parts of its computer system holding personal and health information of patients and infected the system with a virus that […]

Wood Ranch Medical Totally Shut Down Operations Due to Ransomware Attack

October 1, 2019 Site Editor

A damaging ransomware attack on Wood Ranch Medical in Simi Valley, CA caused its irreversible shutting down on December 17, 2019. The attack took place on August 10, 2019 and the ransomware corrupted the servers. […]

Senator Rand Paul Initiates National Patient Identifier Repeal Act

September 30, 2019 Site Editor

Sen. Rand Paul, M.D., (R-Kentucky) has announced a new bill that tries to once and for all take away the HIPAA national patient identifier provision considering the privacy problems in using such a system. At […]

Indiana Authorities Found 2,246 Abandoned Fetal Remains and Medical Documents

September 27, 2019 Site Editor

Dr. Ulrich Klopfer operated three abortion clinics in Indiana, but the clinics were closed down upon the suspension of his license in 2015. After his passing away on September 3, 2019, his family members discovered […]

Senate Didn’t Support the Lifting of the Ban to Fund the National Patient Identifier

September 26, 2019 Site Editor

The Department of Health and Human Services (HHS) is banned from expending any of its funds for the creation and launch of a national patient identifier, although there was anticipation that the prohibition will eventually […]

New Data Breach Notification Rule for Medical Insurance Companies in Maryland

September 25, 2019 Site Editor

Starting October 1, 2019, medical insurance companies and related services must inform the Maryland Insurance Administration (MIA) in case a breach of insureds’ personal data occurs. The change in legislation is applicable to health plans, […]

Vulnerabilities in WLAN Software Used in Philips IntelliVue Portable Patient Monitors

September 24, 2019 Site Editor

Philips IntelliVue WLAN firmware had been found to have two vulnerabilities that affected some IntelliVue MP monitors. The vulnerabilities can be exploited by hackers to install malicious software that could have an effect on data […]

Ransomware Attack on Campbell County Health Caused Serious Interruption to Patient Services

September 23, 2019 Site Editor

A ransomware attack on Campbell County Health located in Gillette, WY resulted in the disablement of hospital systems, which prevented access to patient information. The attack began in early in the morning of September 20, […]

CTI Technology Received HIPAA Compliant Certification by Compliancy Group

September 20, 2019 Site Editor

The Compliancy Group helped CTI Technology, a managed IT service provider located in Elgin, IL, to be certified as Health Insurance Portability and Accountability Act (HIPAA) compliant. CTI Technology used The Guard of Compliancy Group, […]

400 Million Medical Images Are Publicly Accessible on the Internet Via Unsecured PACS

September 20, 2019 Site Editor

Based on a recent investigation by ProPublica, Bayerischer Rundfunk (a German public broadcaster), and Greenbone Networks (vulnerability and analysis firm, 24.3 million medical images in medical image storage systems are publicly accessible on the internet […]

NCCoE Issued a Mobile Device Security Guidance for Corporate-Owned Personally Enabled Devices

September 19, 2019 Site Editor

The National Cybersecurity Center of Excellence (NCCoE) created a new draft NIST mobile device security guidance to assist companies to minimize the risks presented by corporate-owned personally enabled (COPE) devices. Mobile devices permit personnel to […]

Integration Link LLC Receives HIPAA Seal of Compliance from Compliancy Group

September 18, 2019 Site Editor

Integration Link, LLC, a cybersecurity consultancy services provider and virtual Chief Information Security Officers to small, medium and large businesses, has finished the 6-Stage HIPAA Risk Analysis and remediation process of Compliancy Group. It has […]

Phishing Attacks on Fraser and East Central Indiana School Trust Impacted Almost 6,000 Individuals’ PHI

September 17, 2019 Site Editor

A phishing attack on East Central Indiana School Trust (ECIST) resulted in the exposure of some protected health information (PHI) of over 3,200 people. On May 19, 2019, an ECIST employee was misled into sharing […]

82% of Healthcare Providers Using IoT Devices Have Encountered a Cyberattack

September 13, 2019 Site Editor

According to the Global Connected Industries Cybersecurity Survey conducted by Irdeto, a Swedish software company, 82% of healthcare companies utilizing Internet-of-Things (IoT) devices were attacked via one of those devices in the past year. Irdeto […]

HIPAA Seal of Compliance Awarded to CTI Technology by Compliancy Group

September 12, 2019 Site Editor

CTI Technology in Elgin, IL, which is a managed IT service provider, has been certified as compliant with the Health Insurance Portability and Accountability Act (HIPAA) Rules. This was made possible with the help of […]

OMB Finds the HHS Information Security Program as Ineffective

September 11, 2019 Site Editor

The Office of Management and Budget (OMB) submitted its annual audit report to Congress concerning the cybersecurity status of federal agencies, as ordered by the Federal Information Security Modernization Act of 2014 (FISMA). OMB examined […]

Choose Networks Receives HIPAA Seal of Compliance with Compliancy Group

September 10, 2019 Site Editor

IT service provider in Wichita, KS, Choose Networks, received its certification of HIPAA compliance with Compliancy Group. The company began operations in 2001 offering enterprise-level IT support to small and medium-sized companies. At present, over 35 […]

Most Patients Are Willing to Share Their EHR Data for Research, But Not Everything

September 9, 2019 Site Editor

A new research study published in JAMA Network Open revealed that many patients are okay with sharing their EHR data and biospecimens for research purposes; however, the majority of patients would like to limit the […]

Why Immediate Data Breach Notifications Are Very Important to Customers

September 6, 2019 Site Editor

When healthcare providers encounter a data breach, breach victims will naturally be annoyed and upset. People provide their data to healthcare organizations with the understanding that they implement safeguards to protect that information. Whenever patients […]

Two Phishing Attacks on Hospitals Impact Over 15,000 Patients

September 5, 2019 Site Editor

A phishing attack on Artesia General Hospital in Artesia, NM resulted to the compromise of 13,905 patients’ protected health information (PHI). The hospital detected the breach on June 18, 2019 when it was discovered that […]

Recent HIPAA Enforcement Activity Reviewed in the Beazley Breach Insights Report

September 4, 2019 Site Editor

The agency assigned to implement HIPAA compliance is the Department of Health and Human Services’ Office for Civil Rights. Only a handful of HIPAA violations were issued financial penalties prior to 2016. Then, the number […]

Phishing Attack on NCH Healthcare System Resulted in the Compromise of 73 Email Accounts

September 3, 2019 Site Editor

The last phishing attack on Bonita Springs, an NCH Healthcare System based in Florida, highlighted the great importance of providing healthcare employees with security awareness training. Bonita Springs detected the attack on June 14, 2019 […]

Motions Filed by UCMC and Google to Dismiss Lawsuit Over HIPAA Privacy Violation

September 2, 2019 Site Editor

On June 26, a University of Chicago Medical Center (UCMC) patient filed legal action against UCMC and Google with regards to an alleged privacy violation involving the disclosure of protected health information (PHI) without de-identifying […]

Cyberattacks on NCH Healthcare System and Ohio Eye Care Provider

August 30, 2019 Site Editor

A phishing attack on NCH Healthcare System in Naples, FL resulted in the exposure of patient information. NCH Healthcare knew about the suspicious activities on its payroll system on June 14, 2019. A third-party computer […]

DPA Fined Skellefteå School for Using Facial Recognition Technology

August 29, 2019 Site Editor

The Swedish Data Protection Authority (DPA) issued its first financial penalty for a General Data Protection Regulation (GDPR) violation. A high school in Skellefteå was issued a 200,000 SEK fine (€19,000/$21,000) for conducting a pilot […]

Unsecured Databases Compromised the PHI Amarin and Medico Clients

August 28, 2019 Site Editor

An unsecured database online contains the personal data of individuals who exhibited an interest in Vascepa®, a cholesterol drug that Amarin Pharma manufactures. The database contained information including complete names, telephone numbers, email addresses, home […]

PHI of 10,000 Massachusetts General Hospital Patients Exposed Due to Data Breach

August 27, 2019 Site Editor

Massachusetts General Hospital (MGH) discovered recently the unauthorized access of the computer applications utilized by its Department of Neurology researchers. The person behind the breach could potentially access the protected health information (PHI) of around […]

Box of Documents From Western Connecticut Health Network and Arizona State University Students’ Information Exposed

August 26, 2019 Site Editor

Nuvance Health informed some Western Connecticut Health Network (WCHN) patients concerning their protected health information (PHI) exp. CHN sent to the Connecticut State Department of Public Health a package of medical documents on June 11, […]

Reasons Behind the Targeted Hacking in the Healthcare Industry

August 23, 2019 Site Editor

The healthcare industry is being attacked with more data breaches. Why do hackers want to target the healthcare industry? FireEye came up with a new report to provide answers to this question. FireEye researchers analyzed […]

UnityPoint Health Data Breach Lawsuit Partly Dismissed by Federal Judge

August 22, 2019 Site Editor

The Western District of Wisconsin US District Court has partly dismissed the class-action data breach lawsuit that UnityPoint Health is facing. In February 2018, employees of UnityPoint Health received phishing emails and responded to them. […]

Unsecured Amarin and Medico Database Resulted in Potential PHI Disclosure

August 21, 2019 Site Editor

A database which comprises of the personal information of men and women who expressed interest in Vascepa®, a cholesterol drug manufactured by Amarin Pharma, was exposed online. The database, which a third party vendor maintained, […]

Breach of Almost 45,000 PHI at Integrated Regional Laboratories, Bayview Dental and Mid-Valley Behavioral Care Network

August 20, 2019 Site Editor

Florida’s Integrated Regional Laboratories (IRL) is informing about 30,000 patients regarding the potential compromise of their protected health information (PHI) as a result of the American Medical Collection Agency (AMCA) data breach, which was discovered […]

medRxiv Study Reveals Many Healthcare Providers Do Not Comply with HIPAA Right of Access

August 19, 2019 Site Editor

medRxiv, a health manuscript archiving firm, recently conducted a study which revealed the prevalent noncompliance with the HIPAA right of access. The researchers of this study mailed 51 healthcare providers requesting for medical record and […]

Breaches at Ohio Eye Care Provider and NCH Healthcare System Potentially Compromised Patient PHI

August 16, 2019 Site Editor

Eye Care Associates, a fully integrated eye care provider in the northeast Ohio region, had a ransomware attack in late July which led to the inaccessibility of its computer systems. Two weeks after the attack, […]

Hackers Demand a Ransom Paymet of $1 Million from Grays Harbor Community Hospital

August 15, 2019 Site Editor

The ransomware attack on Grays Harbor Community Hospital in Aberdeen, WA continues to cause problems after its attack two months ago. The attackers asked for $1 million ransom payment in exchange for the encryption unlock […]

MU Health Faces Lawsuit Over Phishing Attack in May 2019

August 14, 2019 Site Editor

Because of a phishing attack on April 2019, the University of Missouri Health Care (MU Health) is charged with a lawsuit. MU Health found out on May 1, 2019 the one week unauthorized access of […]

Posts navigation

1 2 3 »
  • Site Map
  • About Calculated HIPAA
  • Calculated HIPAA Privacy Policy

© Copyright 2003 to 2022 Calculated HIPAA