Articles by Site Editor

The 2019 Novel Coronavirus was referred to by researchers as Severe Acute Respiratory Syndrome Coronavirus 2 or SARS-CoV-2. It is the virus behind the Coronavirus Disease 2019 or COVID-19. In November, researchers first discovered the […]

In February,, 39 healthcare data breaches involving at least 500 records were reported representing a 21.9% increase from January. The breached 1,531,855 healthcare records represent a 231% increase from January. February had more breached records […]

After the HHS’ Office for Civil Rights announcement that HIPAA compliance enforcement has been relaxed in relation to the good faith provision of telehealth services all through the COVID-19 national public health emergency, OCR released […]

There were a number of reported incidents of cyberattacks on healthcare companies that are presently working 24 / 7 to make sure patients with COVID-19 get the healthcare they need to have. These attacks result […]

Maze Ransomware Attack at Texas Network of Walk-in Clinics A Maze ransomware gang attacked AffordaCare Urgent Care Clinic, which is a network of walk-in clinics throughout Texas. A recent DataBreaches.net report stated that the hackers […]

In trying to stop the passing on of the 2019 novel coronavirus, patients believed of having exposure to the virus and people having signs of COVID-19 were advised to self-isolate at home. It is vital […]

Cybercriminals are targeting the U.S. Department of Health and Human Services (HHS) in an attempt to overload its website with hundreds of thousands of hits. As per the statement of HHS spokesperson, Caitlin B. Oakley, […]

TigerConnect is the provider of the most popular secure healthcare communications platform in the USA. It declared its support for COVID-19 related communications during the coronavirus pandemic by allowing U.S. health systems and hospitals to […]

Henry Mayo Newhall Hospital in Santa Clarita, CA has dismissed a number of its employees because of snooping on the Saugus High School shooter’s health records. Under the Health Insurance Portability and Accountability Act (HIPAA) […]

SAR Technology Group has achieved HIPAA compliance following its completion of the proprietary 6-Stage HIPAA Risk Analysis and remediation process of Compliancy Group. The Health Insurance Portability and Accountability Act regulatory requirements ensure the integrity, […]

Privacy Breach at Harris Health System Harris Health System based in Houston, TX has informed 2,298 patients about the potential exposure of some of their protected health information (PHI). On December 30, 2019, two envelopes […]

The 2020 Healthcare Information and Management Systems Society Conference (HIMSS 20) was cancelled because of the persistent spread of COVID-19. Over 40,000 people and 1,300 exhibitors were supposed to go to the conference that was […]

The Singapore University of Technology and Design researchers identified a group of 12 vulnerabilities referred to as SweynTooth in the Bluetooth Low Energy (BLE) software development kits that came from around 7 suppliers of software-on-a-chip […]

Walgreens started notifying customers regarding the potential access of some of their protected health information (PHI) by other people because of an error in the Walgreens mobile app particularly its personal secure messaging feature. The […]

The Department of Health and Human Services’ Office of Inspector General (OIG) conducted an audit of the National Institutes of Health (NIH). The results revealed that technology control flaws in the NIH electronic medical records […]

It can be a challenging task to satisfy all of the Health Insurance Portability and Accountability Act (HIPAA) Security, Privacy, Omnibus, and Breach Notification Rules requirements. A lot of healthcare providers have established a compliance […]

Connectria has unveiled the release of a carbon-neutral ‘green cloud’ in its North America and European Union data centers. The brand-new green cloud is being offered to businesses using IBM i and VMware systems. Connectria […]

There are several healthcare organizations that recently reported phishing attacks namely Tennessee Orthopaedic Alliance, Jefferson Dental Care Healthcare Management, and Munson Healthcare. Phishing Attack on Tennessee Orthopaedic Alliance Tennessee Orthopaedic Alliance (TOA) found out that […]

BST & Co. CPAs LLC based in Albany, NY was attacked by a Maze ransomware gang and impacted the patients of Community Care Physicians P.C., a New York medical group. A Maze ransomware gang is […]

In January, there are more than one healthcare data breaches involving at least 500 records per day reported to the Department of Health and Human Services’ Office for Civil Rights. According to the 2019 Healthcare […]

The HHS’ Office for Civil Rights persistently enforced HIPAA compliance at the same level as the last three years. In 2019, 10 HIPAA enforcement actions resulted in the issuance of financial penalties. There were 2 […]

According to the Department of Health and Human Services’ Office for Civil Rights breach portal statistics, 2019 saw a 196% increase in healthcare data breaches from 2018. There were 510 healthcare data breaches involving 500 […]

A phishing attack on Overlake Medical Center & Clinics based in Bellevue, WA in December 2019 resulted in the potential compromise of some personal and protected health information (PHI) of 109,000 patients. Overlake Medical Center […]

Xhibit Telemetry Receiver Vulnerable to Critical BlueKeep Windows Vulnerability The Xhibit Telemetry Receiver (XTR) with model number 96280, v1.0.2, including all versions of the currently unsupported Xhibit Arkon (99999) were found to have critical BlueKeep […]

The Department of Health and Human Services’ Office of Inspector General (OIG) conducted an audit, which revealed that numerous pharmacies and other healthcare companies are incorrectly using the data of Medicare beneficiaries. OIG performed the […]

A phishing attack on Wise Health System in Decatur, TX that happened on March 14, 2019 resulted in the potential compromise of some protected health information (PHI) of 66,934 patients. Wise Health System reported to […]

Ransomware Attack on Central Kansas Orthopedic Group A ransomware attack on Central Kansas Orthopedic Group (CKOG) based in Great Bend, KS in November 2019 resulted in patient file encryption. CKOG discovered the attack on November […]

Stacey Lavette Hendricks, who is a 49-year-old local of Leesburg, FL, pleaded guilty to wire fraudulence and aggravated identity theft. Hendricks was an employee in a medical clinic who was caught impermissibly accessing the protected […]

The 2019 Internet Crime Report of the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) was just presented. It shows that cybercrime losses in 2019 exceeded $3.5 billion. IC3 received about 1,300 per […]

Hospital Sisters Health System just lately found out that an email security breach occurred in August 2019. Unauthorized persons potentially accessed e-mail messages and attachments that contain the protected health information (PHI) of 16,167 patients. […]

Sunshine Behavioral Health Group based in Portland, OR provides business services to healthcare companies. The group reported a breach of its cloud-based system that stored patient medical records because of an accidental misconfiguration. Patient data […]

The Center for Counseling & Family Relationships (CCFAM) is a big group counseling private practice centered in Fort Worth, TX, which was recently reported as Health Insurance Portability and Accountability Act (HIPAA) compliant after finishing […]

The new Ponemon Institute research reveals that the occurrence of cybersecurity incidents due to insiders has gone up by 47% in the last two years. The average yearly global cost due to those cybersecurity incidents […]

The Department of Health and Human Services announced the changes to a final rule of the HIPAA National Council for Prescription Drug Programs (NCPDP) D.0 Telecommunication Standard requiring pharmacies to keep tabs on partly filled […]

Dr. Huddle recently announced its completion of the 6-Stage HIPAA Risk Analysis and remediation process of the Compliancy Group. This Cupertino, CA-based startup has been proven to be in compliance with the HIPAA Security, Privacy, […]

The association of private orthopedic surgery professionals, Fondren Orthopedic Group based in Houston and the nearby areas, encountered a cyberattack that impacted some components of its IT system. The substitute breach notice published on Fondren […]

The Organisation for Economic Co-operation and Development (OECD) published the 2019 Health Statistics, which showed that healthcare expenditures in the U.S.A. are significantly greater than in other developed countries. According to a 2018 Harvard study, […]

The Department of Health and Human Services’ Office for Civil Rights made an announcement  regarding the reversal of the following legislative modifications made to the HIPAA Omnibus Final Rule of 2013: Changes to the Genetic […]

In December 2019, the Department of Health and Human Services’ Office for Civil Rights received 38 reports of healthcare data breaches involving 500 or more records exposed, which is 8.57% more than the reported healthcare […]

The people behind the Maze ransomware are pushing through with their threats on victims to post stolen data during ransomware attacks when the ransom is not paid. In December, Southwire based in Carrollton, GA declined […]

Pulse Secure customers received an advisory from the Cybersecurity and Infrastructure Security Agency (CISA) to implement the patch for vulnerability CVE-2019-11510 of the 2019 Pulse Secure VPN . Cybercriminals continue to attack unpatched Pulse Secure […]

On January 1, 2020, the implementation of the California Consumer Protection Act (CCPA) began. CCPA gave state residents more privacy protections and new rights relating to their personal data. Healthcare data that is protected by […]

Healthcare provider InterMed based in Portland, ME is notifying 33,000 patients about the potential compromise of some of their protected health information (PHI) as a result of a phishing attack. InterMed detected the attack on […]

Adventist Health Sonora in California suffered unauthorized access by a person to a hospital associate’s email account causing the likely compromise of patient data. Adventist Health Sonora’s information security team discovered the email account compromise […]

To prevent the exploitation of critical vulnerabilities, Microsoft has released patches for all supported Windows versions that need immediate attention. Although no report of vulnerabilities exploitation has been received, the threat is serious and it […]

A recent survey by Buck revealed that a lot of group health plan sponsors do not fully comply with the Health Insurance Portability and Accountability Act Rules. Buck is a company providing integrated HR and […]

Threat actors nowadays commonly use ransomware for file encryption to prevent data access. In addition, they steal information and threaten the victims that their stolen data will be published or sold if they would not […]

A phishing attack on Alomere Health in Alexandria, MN resulted in the potential access of the protected health information (PHI) of almost 50,000 patients by unauthorized individuals. After discovering the phishing attack on November 6, […]

A week ago, the Federal Bureau of Investigation (FBI) released a flash alert cautioning private businesses in the United States regarding the possibility of Maze ransomware attacks. The alert came after several days from the […]

The U.S. Department of Justice (DOJ) announced that a former employee of an unnamed hospital in New York City pleaded guilty to employing malicious software to acquire the credentials of co-workers, which he afterward misused […]

In 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued 10 financial penalties and one civil monetary penalty. OCR received a total of $12,274,000 for the settlement of HIPAA violation […]

Center for Health Care Services (CHCS) based in San Antonio, TX encountered a cyberattack that resulted in computer systems de-activation during the holiday period. CHCS provides individuals with developmental handicaps, mental health problems, and substance […]

An alert issued by cybersecurity company Emsisoft mentioned the use of a decryptor bug by Ryuk ransomware victims to recover their records. Using this bug in the decryptor application could result in file corruption and […]

In November 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) received 33 healthcare data breach reports with 500 or more records, which is 36.5% less than the reported breaches in […]

The Northern District of Alabama filed a lawsuit against DCH Health System in the Western Division of U.S. District Court because of a ransomware attack that happened on October 1, 2019. The ransomware attack forced […]

The second enforcement action was issued by the Department of Health and Human Services’ Office for Civil Rights as per the HIPAA Right of Access Initiative. Korunda Medical in Florida agreed to resolve potential violations […]

The House Energy and Commerce Committee released a draft of the discussion of a new bipartisan data privacy bill. The bill concerns the national standards for privacy and security and plans to put limits on […]

The Department of Health and Human Services’ (HHS) Office for Civil Rights had another busy year with HIPAA enforcement. To date in 2019, OCR imposed 9 financial penalties on HIPAA covered entities and business associates […]

LifeLabs located in Toronto, one of the biggest Canadian medical testing and diagnostics companies, submitted a serious data breach report. Hackers possibly viewed the personal and medical information of around 15 million individuals, mostly residents […]

Tidelands Health located in Georgetown, SC, is working 24 / 7 to reestablish its computer systems after discovering malware on its system on December 12, 2019. The malware attack has compelled the healthcare company to […]

Encryption makes data unavailable to unauthorized people, as long as strong encryption is utilized and the private key to decrypt information isn’t compromised. Not all encryption algorithms give a similar protection level. The effectiveness of […]

Truman Medical Centers located in Kansas City, MO, the biggest inpatient and outpatient services provider in the city, learned that an unencrypted laptop computer that contains 114,466 patients’ protected health information (PHI) was stolen from […]

Blue Cross Blue Shield of Minnesota, the state’s biggest health insurance provider, is currently working to resolve about 200,000 unaddressed vulnerabilities identified on its servers, some of which are over ten years old. In August […]

Smile Metrics Consulting, a dental marketing consulting company, has finished the 6-Stage HIPAA risk analysis and remediation process of the Compliancy Group and showed it implements a reliable HIPAA compliance program. Smile Metrics Consulting assists […]

Cheyenne Regional Medical Center located in Wyoming lately discovered the compromise of patient data because of a phishing attack in April. On or around April 5, 2019, the medical center received notification concerning a potential […]

Sunrise Community Health based in Evans, CO discovered the compromise of several employees’ email accounts because its employees responded to phishing emails. Unauthorized individuals accessed the email accounts from September 11, 2019 to November 22, […]

Compliancy Group has declared the full compliance of Adstrem, a global advertising technology, and services provider, with the Health Insurance Portability and Accountability Act (HIPAA). The Group also confirms its effective HIPAA compliance plan. Adstream […]

In June 2016, Banner Health sustained a data breach which resulted in the theft of the protected health information (PHI) of 2.9 million people. Victims of the breach filed a class-action lawsuit in August 2016. […]

Southeastern Minnesota Oral & Maxillofacial Surgery (SEMOMS) made an announcement a ransomware attack that caused the potential exposure of the protected health information (PHI) of about 80,000 patients. The ransomware attack was seen on September […]

Nebraska Medicine learned that a member of its staff got access to patients’ healthcare data without any authorized work reason for a time period of about three months. Nebraska Medicine uncovered the privacy violation while […]

Loudoun Medical Group, also called the Comprehensive Sleep Care Center (CSCC), had a phishing attack some time on June 19, 2019. The IT department was cautioned regarding a potential email security breach upon detecting suspicious […]

Amazon’s Alexa now features a new healthcare skill that patients may employ in handling their prescription drugs and purchasing prescription refills. At the beginning of this year, Amazon stated that it has made a HIPAA-eligible […]

The Anti-Phishing Working Group’s Phishing Activity Trends Report for Q3, 2019 stated that the rate of phishing attacks now is at a rate that is the highest since 2016. In Q3 of 2019, there were […]

Brooklyn Hospital Center in New York announced a security breach that happened in late July 2019 involving malware installation on some hospital servers. The quick discovery of the incident minimized the problems caused since safety […]

A ransomware attack on Virtual Care Provider Inc. (VCP), a provider of data storage, internet, and email services, cybersecurity, and other IT services in Wisconsin, resulted in the encryption of the healthcare records and other […]

Eagle Consulting Group, a managed service provider based in Anchorage, AK , was certified by Compliancy Group as HIPAA-compliant. Eagle Consulting Group provides a lot of clients, even in the healthcare industry, with proactive IT […]

A phishing attack on Choice Cancer Care Treatment Center (CCCT) in May 2019 resulted in the potential access of the protected health information (PHI) of some patients by unauthorized people in May 2019. CCCT is […]

A phishing attack on Solara Medical Supplies, LLC in Chula Vista, CA, resulted in the potential compromise of the protected health information (PHI) of a lot of its customers. Solara Medical discovered suspicious activity in […]

Compliancy Group confirmed ProtoLytic, LLC, a developer providing decision support tools to medical cost management in Tampa, FL as HIPAA-compliant. Healthcare providers use ProtoLytic tools to create patient treatment plans using evidence-based recommendations and demographic […]

A misconfigured AWS S3 storage bucket owned by Sunshine Behavioral Health, LLC, a network of drug and alcohol addiction rehabilitation centers based in San Juan Capistrano, CA resulted in the compromise of sensitive patient data. […]

Main Street Clinical Associates, PA. located in Durham, NC has notified a number of its patients regarding the potential compromise of some of their protected health information (PHI) because of the stolen devices from its […]

A phishing attack at Salem Health Hospitals & Clinics, Oregon on July 31, 2019 resulted in the access of some employees’ email accounts by an unauthorized person. The healthcare provider detected the breach within a […]

A new survey was done to know the expense connected with healthcare data breaches, the magnitude of the healthcare community attacked, and what proportion of the attacks become successful. The Black Book Market Research performed […]