Patients of Wise Health System in Decatur, TX received notification regarding the potential exposure of their protected health information (PHI) because of a phishing attack. About 35,899 patients were affected by the breach. The phishing […]
The 2019 Cost of a Data Breach Report of Ponemon Institute/IBM Security has been published. It is a detailed study of the reported data breaches in 2018. It revealed the continuous increase of data breach […]
Another healthcare provider confirmed that it was affected by the American Medical Collection Agency (AMCA) security breach. An unauthorized access of AMCA’s systems resulted to a breach of the protected health information (PHI) of its […]
Equifax has decided to resolve its federal data breach case by paying at least $575 million. The settlement could possibly go up to $700 million plus the need to make significant improvements to its security […]
Edgepark Medical Supplies (EMS) discovered on May 13, 2019 that an unauthorized person access the account of some of its customers accounts and altered their addresses causing a redirection of their orders to different delivery […]
Idaho is giving patients new rights as hospitals implement the new rules. The Idaho Department of Health and Welfare (IDHW) is implementing the rules which began July 1, 2019. IDHW stated that patient advocacy groups […]
Just a few days after expressing the intention to issue a penalty to British Airways the amount of £183 million ($230 M) for its 383-million records breach, the United Kingdom’s Information Commissioner’s Office (ICO) is […]
Adirondack Health Vermont notified about 25,000 patients regarding the potential exposure of their protected health information (PHI) due to hacking. The potentially compromised information include the patients’ names, birth dates, healthcare insurance member numbers or […]
The U.S. Department of Health and Human Services (HHS) Secretary has declared a partial waiver of HIPAA sanctions and penalties in Louisiana because of the damage that Tropical Storm Barry likely caused when it hit […]
UK Information Commissioners Office (ICO), which is the GDPR supervisory authority, issued the biggest GDPR penalty to British Airways amounting to £183.39 million or $228 million for failure to employ security controls that led to […]
Premera Blue Cross agreed to pay $10 million to settle a multi-state data breach lawsuit that involved 30 state attorneys general. The alleged violations of state and federal laws resulted to a breach of 10.4 […]
Essentia Health is an integrated health system providing services in the states of Minnesota, North Dakota, Wisconsin and Idaho. Notifications sent to over 1,000 Essentia Health patients stated that some of their protected health information […]
Nemadji Research Corporation, doing business under the name of California Reimbursement Enterprises, released information regarding the unauthorized person who accessed the email account of an employee. There is potential exposure of the protected health information […]
GE Aestiva and Aespire Anesthesia devices were found to have an improper authentication vulnerability. These devices are typically used in hospitals all over America. The CVE-2019-10966 vulnerability can allow an attacker to remotely change the […]
A recent nCipher Security survey explored the value consumers put on their health information privacy and security. The survey had 1,300 U.S. consumers as participants and looked into their attitudes toward online personal privacy, sharing […]
Hackers exploited a two-year-old vulnerability in Microsoft Outlook targeting U.S. government networks. A warning issued by U.S. Cyber Command talked about the active exploitation of vulnerability CVE-2017-1174 and installation of remote access Trojans and other […]
A medical student is filing a lawsuit against Marshall University and Cabell Huntington Hospital because some of his protected health information (PHI) was impermissibly disclosed to a class of students. The medical student, which the […]
Alerts regarding the cybersecurity vulnerabilities discovered in several Medtronic insulin pumps were released by the United States Computer Emergency Readiness Team (US-CERT) and the Food and Drug Administration (FDA). The vulnerable insulin pumps connect to […]
According to a recent study, larger healthcare providers are more inclined to have fully developed, sophisticated cybersecurity defenses, whereas smaller healthcare providers struggle to implement cybersecurity best practices. KLAS and CHIME conducted the study and […]
Franciscan Health located in Mishawaka, IN found out that a former staff committed unauthorized access of the protected health information (PHI) of around 2,200 patients. In a routine privacy review, Franciscan Health learned about the […]
A former UChicago Medicine patient filed a lawsuit claiming that his medical information along with those of hundred other patients were shared with Google with no prior authorization. The lawsuit accuses UChicago Medical Center, UChicago […]
CalHIPAA is a registered trademark. © Copyright 2003 to 2024 calHIPAA. All rights reserved.