Month: September 2019

Sen. Rand Paul, M.D., (R-Kentucky) has announced a new bill that tries to once and for all take away the HIPAA national patient identifier provision considering the privacy problems in using such a system. At […]

Dr. Ulrich Klopfer operated three abortion clinics in Indiana, but the clinics were closed down upon the suspension of his license in 2015. After his passing away on September 3, 2019, his family members discovered […]

The Department of Health and Human Services (HHS) is banned from expending any of its funds for the creation and launch of a national patient identifier, although there was anticipation that the prohibition will eventually […]

Starting October 1, 2019, medical insurance companies and related services must inform the Maryland Insurance Administration (MIA) in case a breach of insureds’ personal data occurs. The change in legislation is applicable to health plans, […]

Philips IntelliVue WLAN firmware had been found to have two vulnerabilities that affected some IntelliVue MP monitors. The vulnerabilities can be exploited by hackers to install malicious software that could have an effect on data […]

A ransomware attack on Campbell County Health located in Gillette, WY resulted in the disablement of hospital systems, which prevented access to patient information. The attack began in early in the morning of September 20, […]

Based on a recent investigation by ProPublica, Bayerischer Rundfunk (a German public broadcaster), and Greenbone Networks (vulnerability and analysis firm, 24.3 million medical images in medical image storage systems are publicly accessible on the internet […]

The National Cybersecurity Center of Excellence (NCCoE) created a new draft NIST mobile device security guidance to assist companies to minimize the risks presented by corporate-owned personally enabled (COPE) devices. Mobile devices permit personnel to […]

A phishing attack on East Central Indiana School Trust (ECIST) resulted in the exposure of some protected health information (PHI) of over 3,200 people. On May 19, 2019, an ECIST employee was misled into sharing […]

According to the Global Connected Industries Cybersecurity Survey conducted by Irdeto, a Swedish software company, 82% of healthcare companies utilizing Internet-of-Things (IoT) devices were attacked via one of those devices in the past year. Irdeto […]

The Office of Management and Budget (OMB) submitted its annual audit report to Congress concerning the cybersecurity status of federal agencies, as ordered by the Federal Information Security Modernization Act of 2014 (FISMA). OMB examined […]

A new research study published in JAMA Network Open revealed that many patients are okay with sharing their EHR data and biospecimens for research purposes; however, the majority of patients would like to limit the […]

When healthcare providers encounter a data breach, breach victims will naturally be annoyed and upset. People provide their data to healthcare organizations with the understanding that they implement safeguards to protect that information. Whenever patients […]

A phishing attack on Artesia General Hospital in Artesia, NM resulted to the compromise of 13,905 patients’ protected health information (PHI). The hospital detected the breach on June 18, 2019 when it was discovered that […]

The agency assigned to implement HIPAA compliance is the Department of Health and Human Services’ Office for Civil Rights. Only a handful of HIPAA violations were issued financial penalties prior to 2016. Then, the number […]

The last phishing attack on Bonita Springs, an NCH Healthcare System based in Florida, highlighted the great importance of providing healthcare employees with security awareness training. Bonita Springs detected the attack on June 14, 2019 […]

On June 26, a University of Chicago Medical Center (UCMC) patient filed legal action against UCMC and Google with regards to an alleged privacy violation involving the disclosure of protected health information (PHI) without de-identifying […]