Articles by Site Editor

InterlinkONE Inc based in Boston provides cloud marketing and digital asset and order management software solutions. Recently, the Compliancy Group, the biggest HIPAA compliance training and software provider in the U.S., confirmed that InterlinkONE has […]

Healthcare provider Kaiser Permanente based in Oakland, CA discovered that a former staff gained access to the radiology information of many patients without permission for a period of 8 years. Kaiser Permanente knew about the […]

The U.S. Federal Trade Commission (FTC) would like to get comments on its breach notification requirements for non-HIPAA-covered entities collecting personally identifiable health data. In 2009, the FTC launched the Health Breach Notification Rule along […]

The FBI and the Cybersecurity and Infrastructure Security Agency lately made a joint public service announcement explaining the 2016 to 2019 top 10 most exploited vulnerabilities. Advanced nation state hackers exploit these vulnerabilities to target […]

A Russian hacking gang referred to as Sandworm (Fancy Bear) is exploiting an Exim Mail Transfer Agent vulnerability. The flaw, labeled as CVE-2019-10149, is a remote code execution vulnerability that was brought in in Exim […]

The HHS’ Office of Inspector General (OIG) has issued a tactical plan for monitoring the COVID-19 response and recovery work of the Department of Health and Human Services. OIG is going to evaluate how good […]

Mat-Su Surgical Associates based in Palmer, AK made an announcement that it encountered a ransomware attack in March. The staff discovered the attack on March 16 after being locked out of the computer systems because […]

The Compliancy Group confirmed that South Texas Children’s Dentistry has an effective HIPAA Compliance program set up. South Texas Children’s Dentistry already took action towards complying with the regulations of the Health Insurance Portability and […]

Four Senators wrote to the Federal Bureau of Investigation (FBI) and the DHS Cybersecurity and Infrastructure Security Agency (CISA) because of the latest notification telling COVID-19 research organizations that hackers associated with China are doing […]

Advanced Persistent Threat (APT) groups keep on targeting healthcare companies, research groups, pharmaceutical firms, and other organizations actively helping during the COVID-19 crisis. That is why, the United Kingdom and the United States cybersecurity authorities […]

In April 2020, 37 healthcare data breaches involving at least 500 records were reported That number is only one more than the number of breaches in March and is still lower than the average number […]

Lurie Children’s Hospital of Chicago is dealing with lawsuits regarding two privacy breaches which involved employees accessing the healthcare records of patients with no permission. The legal action was filed on behalf of a mom […]

Mille Lacs Health System based in Onamia, Mn has suffered a phishing attack that possibly exposed more than 10,000 patients’ protected health information (PHI). A number of employees of Mille Lacs Health System got phishing […]

Two privacy bills were presented in relation to the COVID-19 contact tracing apps which Congress is currently considering. Republican and Democratic lawmakers introduced contending bills that have several common ground and hope to accomplish the […]

Companies that encounter a ransomware attack might be enticed to pay the ransom demand to minimize downtime and expenses on recovery, however a Sophos survey indicates companies that pay the ransom in reality turn out […]

Management and Network Services (MNS), LLC based in Dublin, OH provides post-acute healthcare companies with administrative support services. The email accounts of some MNS employees were found to have been compromised. MNS explained in a […]

Organizations engaged in researching SARS-CoV-2 and COVID-19 received warning that hackers associated with the Peoples Republic of China (PRC) are targeting their organizations, consequently, they need to take steps to safeguard their systems from any […]

Saint Francis Healthcare Partners in Connecticut is informing 38,529 patients about the potential compromise of some of their protected health information (PHI) due to a sophisticated cybersecurity incident that permitted an unauthorized person to access […]

Compliancy Group has certified that Safe Partner Inc. has proven it has an effective HIPAA compliance program in place and has excellently concluded its exclusive 6-stage HIPAA risk analysis and remediation program. Safe Partner Inc. […]

Business email compromise scammers from Nigeria were found targeting COVID-19 research institutions, pandemic response agencies, and government healthcare organizations to get falsified wire transfer payments and install malware. Palo Alto Networks’ Unit 42 team researchers […]

COVID-19 has compelled a lot of organizations to quickly implement a work from home scheme for employees, which resulted in new possibilities for cybercriminals to execute attacks. Cyberattacks on remote employees have grown considerably at […]

A number of healthcare companies were impacted by a strange data breach at STAT Informatics Solutions, LLC based in Waupaca, WI. STAT provides a number of healthcare companies with secure medical records services which include […]

The Department of Health and Human Services is slow in responding to the high priority recommendations of the Government Accountability Office (GAO). Of the 54 high priority recommendations specified in a GAO report in March […]

The number of reported healthcare data breaches decreased in March 2020 by 7.69%. The number of breached records also decreased by 45.88%. In March, there were 36 healthcare data breaches involving 500 and up records […]

Compliancy Group has made an announcement that Acemanage Smart Inc, a Canadian start-up company, has an efficient HIPAA compliance program in place and has exhibited compliance with all the conditions of the HIPAA Security, Privacy, […]

Parkview Medical Center located in Pueblo, Colorado is recouping from a ransomware attack which began on April 21, 2020. Several IT systems were deactivated because of the attack. The Meditech electronic medical record system of […]

The World Health Organization (WHO) is a well-known organization that is fighting COVID-19. Cybercriminals and hacktivists have escalated attacks on WHO as it addresses the COVID-19 pandemic. WHO receives five times more attacks now as […]

The American Hospital Association (AHA) and the American Medical Association (AMA) have made a joint cybersecurity guidance for work at home doctors during the COVID-19 outbreak so that they would be guided in keeping their […]

A Federal judge gave the final approval of the proposed settlement by Banner Health for a class-action lawsuit filed over its 3.7 million-record data breach last 2016. The proposed settlement having an amount of $8.9 […]

The HHS’ Office of Inspector General (OIG) recommended a rule last Tuesday that make changes to civil monetary penalty guidelines to also cover information blocking. If implemented, the new CMPs for information blocking will be […]

The FBI has given a new alert after a surge in COVID-19 phishing scams directed at healthcare companies. In the advisory, the FBI clarifies that on March 18, 2020 network perimeter cybersecurity programs utilized by […]

The Department of Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA) gave an advisory to all companies that use Pulse Secure VPN servers regarding the likelihood of not preventing cyberattacks even after patching vulnerabilities. CISA is […]

A phishing attack on Aurora Medical Center-Bay Area in Marinette, WI on January 1, 2020 resulted in the exposure of some protected health information (PHI) of 27,137 patients. A number of Aurora Medical Center employees […]

Beaumont Health, Michigan’s biggest healthcare system, announced the potential compromise of patient data located in email messages and file attachments because unauthorized persons gained access to some employees’ email accounts. Beaumont Health discovered the email […]

On April 15, 2020, Microsoft issued updates to resolve 113 vulnerabilities that affected its operating systems and software products, including 19 critical vulnerabilities. The updates this month consist of fixes for no less than 3 […]

Microsoft introduced a patch to address a critical vulnerability impacting Microsoft Exchange Servers which threat actors could potently exploit to have complete command of a vulnerable system. In spite of the warning of Microsoft that […]

The HHS has released a Notice of Enforcement Discretion that is applicable to healthcare organizations and business associates that get involved in the operations of COVID-19 community-based testing areas. According to the terms of the […]

The McHenry County Health Department in Illinois were not providing 911 dispatchers with the names of COVID-19 patients to safeguard patient privacy, just as what they do with patients that caught other infectious diseases like […]

A ransomware attack on Brandywine Urology Consultants based in Delaware on January 25, 2020 resulted in the encryption of files stored on its servers and computer systems. The scope of the attack was limited and […]

Hawaii Pacific Health learned about the 5-year snooping of an employee of Straub Medical Center (Honolulu) on patient healthcare records. Hawaii Pacific Health discovered on January 17, 2020 the unauthorized patient records access and began […]

The Federal Bureau of Investigation gave a warning after an uprise in Business Email Compromise (BEC) attacks that are making the most of the chaos associated with the COVID-19 pandemic. The term BEC refers to […]

A new Proofpoint report states that cybercriminals are now mostly only doing campaigns that are related to the 2019 Novel Coronavirus. 80% of all threats found by the Proofpoint are related to coronavirus. The latest […]

Although most social engineering and phishing attacks come about through email, social engineering strategies are likewise employed to persuade people to disclose sensitive data through other channels of communication, such as the telephone. There is […]

The IT and software development company, Big IT Inc. based in Valencia, CA, has received certification from the Compliancy Group for its implementation of an effective HIPAA compliance program. Big IT as a Managed Service […]

Improper Disposal Incident Reported by the Georgia Department of Human Services The Georgia Department of Human Services reported that employees in Augusta, GA had improperly disposed of confidential case files stored in boxes. The case […]

LifeSprk, a provider of senior care based in Minnesota, is mailing notification letters to 9,000 of its clients about the potential exposure of their protected health information (PHI) as a consequence of a phishing attack […]

A sophisticated group of hackers targeted the World Health Organization (WHO) and its partners attempting to steal login credentials to get access to its network by impersonating WHO’s internal email system. Several WHO staffers received […]

American HomePatient’s proposal to settle for $1 million a class-action lawsuit filed on behalf of the 2017 data breach victims has gotten initial approval. The data breach which led to the filing of the lawsuit […]

The 2019 Novel Coronavirus was referred to by researchers as Severe Acute Respiratory Syndrome Coronavirus 2 or SARS-CoV-2. It is the virus behind the Coronavirus Disease 2019 or COVID-19. In November, researchers first discovered the […]

In February,, 39 healthcare data breaches involving at least 500 records were reported representing a 21.9% increase from January. The breached 1,531,855 healthcare records represent a 231% increase from January. February had more breached records […]

After the HHS’ Office for Civil Rights announcement that HIPAA compliance enforcement has been relaxed in relation to the good faith provision of telehealth services all through the COVID-19 national public health emergency, OCR released […]

There were a number of reported incidents of cyberattacks on healthcare companies that are presently working 24 / 7 to make sure patients with COVID-19 get the healthcare they need to have. These attacks result […]

Maze Ransomware Attack at Texas Network of Walk-in Clinics A Maze ransomware gang attacked AffordaCare Urgent Care Clinic, which is a network of walk-in clinics throughout Texas. A recent DataBreaches.net report stated that the hackers […]

In trying to stop the passing on of the 2019 novel coronavirus, patients believed of having exposure to the virus and people having signs of COVID-19 were advised to self-isolate at home. It is vital […]

Cybercriminals are targeting the U.S. Department of Health and Human Services (HHS) in an attempt to overload its website with hundreds of thousands of hits. As per the statement of HHS spokesperson, Caitlin B. Oakley, […]

TigerConnect is the provider of the most popular secure healthcare communications platform in the USA. It declared its support for COVID-19 related communications during the coronavirus pandemic by allowing U.S. health systems and hospitals to […]

Henry Mayo Newhall Hospital in Santa Clarita, CA has dismissed a number of its employees because of snooping on the Saugus High School shooter’s health records. Under the Health Insurance Portability and Accountability Act (HIPAA) […]

SAR Technology Group has achieved HIPAA compliance following its completion of the proprietary 6-Stage HIPAA Risk Analysis and remediation process of Compliancy Group. The Health Insurance Portability and Accountability Act regulatory requirements ensure the integrity, […]

Privacy Breach at Harris Health System Harris Health System based in Houston, TX has informed 2,298 patients about the potential exposure of some of their protected health information (PHI). On December 30, 2019, two envelopes […]

The 2020 Healthcare Information and Management Systems Society Conference (HIMSS 20) was cancelled because of the persistent spread of COVID-19. Over 40,000 people and 1,300 exhibitors were supposed to go to the conference that was […]

The Singapore University of Technology and Design researchers identified a group of 12 vulnerabilities referred to as SweynTooth in the Bluetooth Low Energy (BLE) software development kits that came from around 7 suppliers of software-on-a-chip […]

Walgreens started notifying customers regarding the potential access of some of their protected health information (PHI) by other people because of an error in the Walgreens mobile app particularly its personal secure messaging feature. The […]

The Department of Health and Human Services’ Office of Inspector General (OIG) conducted an audit of the National Institutes of Health (NIH). The results revealed that technology control flaws in the NIH electronic medical records […]

It can be a challenging task to satisfy all of the Health Insurance Portability and Accountability Act (HIPAA) Security, Privacy, Omnibus, and Breach Notification Rules requirements. A lot of healthcare providers have established a compliance […]

Connectria has unveiled the release of a carbon-neutral ‘green cloud’ in its North America and European Union data centers. The brand-new green cloud is being offered to businesses using IBM i and VMware systems. Connectria […]

There are several healthcare organizations that recently reported phishing attacks namely Tennessee Orthopaedic Alliance, Jefferson Dental Care Healthcare Management, and Munson Healthcare. Phishing Attack on Tennessee Orthopaedic Alliance Tennessee Orthopaedic Alliance (TOA) found out that […]

BST & Co. CPAs LLC based in Albany, NY was attacked by a Maze ransomware gang and impacted the patients of Community Care Physicians P.C., a New York medical group. A Maze ransomware gang is […]

In January, there are more than one healthcare data breaches involving at least 500 records per day reported to the Department of Health and Human Services’ Office for Civil Rights. According to the 2019 Healthcare […]

The HHS’ Office for Civil Rights persistently enforced HIPAA compliance at the same level as the last three years. In 2019, 10 HIPAA enforcement actions resulted in the issuance of financial penalties. There were 2 […]

According to the Department of Health and Human Services’ Office for Civil Rights breach portal statistics, 2019 saw a 196% increase in healthcare data breaches from 2018. There were 510 healthcare data breaches involving 500 […]

A phishing attack on Overlake Medical Center & Clinics based in Bellevue, WA in December 2019 resulted in the potential compromise of some personal and protected health information (PHI) of 109,000 patients. Overlake Medical Center […]

Xhibit Telemetry Receiver Vulnerable to Critical BlueKeep Windows Vulnerability The Xhibit Telemetry Receiver (XTR) with model number 96280, v1.0.2, including all versions of the currently unsupported Xhibit Arkon (99999) were found to have critical BlueKeep […]

The Department of Health and Human Services’ Office of Inspector General (OIG) conducted an audit, which revealed that numerous pharmacies and other healthcare companies are incorrectly using the data of Medicare beneficiaries. OIG performed the […]

A phishing attack on Wise Health System in Decatur, TX that happened on March 14, 2019 resulted in the potential compromise of some protected health information (PHI) of 66,934 patients. Wise Health System reported to […]

Ransomware Attack on Central Kansas Orthopedic Group A ransomware attack on Central Kansas Orthopedic Group (CKOG) based in Great Bend, KS in November 2019 resulted in patient file encryption. CKOG discovered the attack on November […]

Stacey Lavette Hendricks, who is a 49-year-old local of Leesburg, FL, pleaded guilty to wire fraudulence and aggravated identity theft. Hendricks was an employee in a medical clinic who was caught impermissibly accessing the protected […]

The 2019 Internet Crime Report of the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) was just presented. It shows that cybercrime losses in 2019 exceeded $3.5 billion. IC3 received about 1,300 per […]

Hospital Sisters Health System just lately found out that an email security breach occurred in August 2019. Unauthorized persons potentially accessed e-mail messages and attachments that contain the protected health information (PHI) of 16,167 patients. […]

Sunshine Behavioral Health Group based in Portland, OR provides business services to healthcare companies. The group reported a breach of its cloud-based system that stored patient medical records because of an accidental misconfiguration. Patient data […]

The Center for Counseling & Family Relationships (CCFAM) is a big group counseling private practice centered in Fort Worth, TX, which was recently reported as Health Insurance Portability and Accountability Act (HIPAA) compliant after finishing […]

The new Ponemon Institute research reveals that the occurrence of cybersecurity incidents due to insiders has gone up by 47% in the last two years. The average yearly global cost due to those cybersecurity incidents […]

The Department of Health and Human Services announced the changes to a final rule of the HIPAA National Council for Prescription Drug Programs (NCPDP) D.0 Telecommunication Standard requiring pharmacies to keep tabs on partly filled […]

Dr. Huddle recently announced its completion of the 6-Stage HIPAA Risk Analysis and remediation process of the Compliancy Group. This Cupertino, CA-based startup has been proven to be in compliance with the HIPAA Security, Privacy, […]

The association of private orthopedic surgery professionals, Fondren Orthopedic Group based in Houston and the nearby areas, encountered a cyberattack that impacted some components of its IT system. The substitute breach notice published on Fondren […]

The Organisation for Economic Co-operation and Development (OECD) published the 2019 Health Statistics, which showed that healthcare expenditures in the U.S.A. are significantly greater than in other developed countries. According to a 2018 Harvard study, […]

The Department of Health and Human Services’ Office for Civil Rights made an announcement  regarding the reversal of the following legislative modifications made to the HIPAA Omnibus Final Rule of 2013: Changes to the Genetic […]

In December 2019, the Department of Health and Human Services’ Office for Civil Rights received 38 reports of healthcare data breaches involving 500 or more records exposed, which is 8.57% more than the reported healthcare […]

The people behind the Maze ransomware are pushing through with their threats on victims to post stolen data during ransomware attacks when the ransom is not paid. In December, Southwire based in Carrollton, GA declined […]

Pulse Secure customers received an advisory from the Cybersecurity and Infrastructure Security Agency (CISA) to implement the patch for vulnerability CVE-2019-11510 of the 2019 Pulse Secure VPN . Cybercriminals continue to attack unpatched Pulse Secure […]

On January 1, 2020, the implementation of the California Consumer Protection Act (CCPA) began. CCPA gave state residents more privacy protections and new rights relating to their personal data. Healthcare data that is protected by […]

Healthcare provider InterMed based in Portland, ME is notifying 33,000 patients about the potential compromise of some of their protected health information (PHI) as a result of a phishing attack. InterMed detected the attack on […]

Adventist Health Sonora in California suffered unauthorized access by a person to a hospital associate’s email account causing the likely compromise of patient data. Adventist Health Sonora’s information security team discovered the email account compromise […]