An ex-employee of Aultman Health Foundation viewed 7,300 patient information with no permission for nearly 12 years prior to the discovery of the HIPAA violation. The employee was given access to patient information to carry […]
Scripps Health in San Diego is looking at several class-action lawsuits due to a ransomware attack on April 29, 2021 that affected 147,267 people. As a result of the attack, the 5-hospital healthcare system needed […]
In October 2020, Mayo Clinic reported that a former employee was found to have committed impermissible access to the health records of roughly 1,600 patients. Based on a statement released by the Mayo Clinic, the […]
The National Institute of Standards and Technology (NIST) has published a draft Cybersecurity Framework Profile for Ransomware Risk Management to be able to guide organizations avoid, respond and recuperate from ransomware attacks. The Ransomware Profile […]
A bipartisan group of senators has brought in a federal data breach notification bill- the Cyber Incident Notification Act of 2021 – that calls for all federal organizations, contractors, and firms that have supervision over […]
May was 2021’s worst month thus far in terms of healthcare data breaches. The Department of Health and Human Services’ Office for Civil Rights recorded 63 breaches involving 500 or more records in May. For […]
South Texas Health System has informed 6,761 regarding some of their protected health information (PHI) that had been accidentally disclosed. South Texas Health System offers discharge directions following patients are given medical care in its […]
The Connecticut legislature has improved its data breach notification rule, extending the definition of personal information and reducing the maximum period of time for providing breach notices. The new legislation brings the data breach notification […]
A cyberattack on Service Employees International Union 775 (SEIU 775) Benefits Group, which is a benefits manager for home healthcare and nursing home employees, resulted in the removal of sensitive information. IT employees discovered issues […]
The Chief Operating Officer of an IT security agency is facing a lawsuit due to a financially driven cyberattack on Gwinnett Medical Center based in Lawrenceville, GA last September 2018. Vikas Singla, aged 45, of […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a security alert concerning 6 vulnerabilities identified in the ZOLL Defibrillator Dashboard, which include a remote code execution vulnerability with critical 9.9 severity. An anonymous person […]
The health insurance and healthcare provider Humana in Louisville, KY and its business associate Cotiviti are confronted with legal action due to a data breach identified in late December 2020. On May 26, 2021, a […]
In September 2020, Nebraska Medicine and the University of Nebraska Medical Center found out that their systems were hacked and downloaded with malware allowing the hackers access to the protected health information (PHI) of approximately […]
The National Institute of Standards and Technology (NIST) has posted its latest report about the usage of biometric authentication on cellular devices to permit first responders to obtain quick access to sensitive information, at the […]
Attleboro, MA-based Sturdy Memorial Hospital is notifying 57,379 patients regarding a computer security incident that happened on February 9, 2021 whereby patient data was compromised. In accordance with the breach notice issued by the hospital, […]
The HHS’ Office for Civil Rights has reached a settlement with The Diabetes, Endocrinology & Lipidology Center, Inc. (DELC) to resolve a potential violation of the HIPAA Right of Access. This is OCR’s 8th financial […]
The Federal Bureau of Investigation (FBI) has given a Flash Notification cautioning Fortinet Fortigate appliances end users that Advanced Persistent Threat (APT) groups are planning to target devices that haven’t been patched for three vulnerabilities: […]
Microsoft has found a huge spear-phishing campaign executed by the Russian Advanced Persistent Threat (APT) group, which is responsible for the SolarWinds Orion supply chain attack. Since January 2021, Microsoft has tracked the APT group […]
RMcKinley Christian Health Care Services (RMCHCS) in Gallup, NM submitted a report regarding a ransomware attack in February 2021 that resulted in patient data exfiltration. The attack in February conducted by the Conti ransomware gang […]
CalHIPAA is a registered trademark. © Copyright 2003 to 2024 calHIPAA. All rights reserved.