Calculated HIPAA

A Calculated Approach to HIPAA Compliance

  • HIPAA Violation News
  • HIPAA Updates
  • HIPAA Advice
  • HIPAA Compliance
    • HIPAA Law
  • HIPAA Violations
  • HIPAA Training
  • HIPAA Penalties
HomeAuthorsSite Editor

Articles by Site Editor

How will GDPR Affect American Organizations in Protecting Rights to Privacy

April 30, 2018 Site Editor

Many people talk about the General Data Protection Regulation (GDPR) nowadays with its pending enforcement on May 25, 2018. Since the GDPR is an EU law, does it only impact organizations located within the EU? […]

Transcription Services Web Portal Breach Leaked Patients’ PHI

April 27, 2018 Site Editor

MEDantex, a transcription service provider, accidentally left patient medical records unsecured and freely accessible to anyone without the need of a password.  The error in restricting access to a physician’s portal resulted in the exposure […]

Healthcare Data Breach Report for Q1 2018

April 26, 2018 Site Editor

For the first quarter of 2018, the Department of Health and Human Services’ Office for Civil Rights (OCR) received 77 reports of healthcare data breaches. Over one million patients and health plan members were affected […]

Orangeworm Threat Group Used Kwampirs Backdoor to Attack the Healthcare Industry

April 25, 2018 Site Editor

According to Symantec, there’s a recently identified threat group called Orangeworm, which is launching targeted attacks on big healthcare companies in the United States. Orangeworm was first discovered in January 2015. It has been doing […]

PHI of 1,071 Mental Health Patients Disclosed for Over 3 Years

April 24, 2018 Site Editor

The protected health information of 1,071 patients who received medical services at the Des Moines Crisis Observation Center was “accidentally and unknowingly disseminated” for a period of three and a half years. The Crisis Observation […]

Cybersecurity Framework Version 1.1 Released By NIST

April 23, 2018 Site Editor

The updated version of the Cybersecurity Framework was made available by the National Institute of Standards and Technology this April 16, 2018. This framework for improving critical infrastructure cybersecurity was issued initially on February 2014. […]

Healthcare Data Breach Analysis for March 2018

April 20, 2018 Site Editor

The number of healthcare data breaches increased month-over-month. In March 2018, HIPAA covered entities reported 29 security breaches. February 2018 had 25 breach incidents. Though the number of reported data breaches increased in March, there […]

Phishing Attack on UnityPoint Health Compromised Several Employees’ Email Accounts

April 19, 2018 Site Editor

UnityPoint Health discovered that unauthorized individuals accessed the email accounts of several employees. It was found that the email accounts were accessed for a period of three months starting from November 1, 2017 up to […]

Inogen Data Breach Potentially Impacts 30,000 Individuals

April 18, 2018 Site Editor

Inogen is a company that manufactures portable oxygen concentrators. An unauthorized person got the login credentials of one Inogen employee and accessed his email account. The personal information of about 30,000 persons that Inogen provided […]

1,500 Baptist Health Patients Alerted for Possible Credit Card Fraud

April 17, 2018 Site Editor

Baptist Health’s West Kendall Baptist Hospital in Miami, FL discovered that a former employee stole the credit card information of patients then used the details for fraudulent purchases. Baptist Health found out about the misuse […]

The PHI of 63,500 Middletown Medical Patients Impacted by Data Breach

April 16, 2018 Site Editor

The protected health information (PHI) of tens of thousands of Middletown Medical patients was exposed due to a misconfiguration in the security setting of a radiology interface. Middletown Medical, a multi-specialty physician’s group that is […]

Receptionist Stole 653 Patients’ PHI and Penalized With 2 to 6 Years Jail Term

April 13, 2018 Site Editor

A 31-year old former receptionist named Annie Vuong worked at a New York dental practice where she stole the protected health information of over 650 patients. She was sentenced to spend 2 to 6 years […]

Poor Patching Practices Increase the Risk of Exploited Vulnerabilites

April 12, 2018 Site Editor

Ponemon Institute conducted a survey on behalf of ServiceNow to learn about the issues on patching that healthcare and pharmaceutical industries are struggling with. The study revealed that organizations are not patching vulnerabilities promptly hence […]

New Jersey Attorney General’s Office Fined Virtua Medical Group the Amount of $418,000

April 11, 2018 Site Editor

The New Jersey Attorney General’s Office financially penalized Virtua Medical Group for its failure in protecting the privacy of over 1,650 patients. The protected health information of the patients was exposed because of a misconfigured […]

Alabama’s Data Breach Notification Act Enacted

April 10, 2018 Site Editor

Finally, Alabama has a law requiring companies to issue notifications to residents whose personal information has been exposed or compromised because of a data breach. On March 28, 2018, Governor Kay Ivey signed the data […]

Massachusetts Police Department Discovered Cambridge Health Alliance PHI Breach

April 9, 2018 Site Editor

Law enforcement discovered that the protected health information (PHI) of some Cambridge Health Alliance (CHA) patients fell into the hands of an unauthorized person. Everett Massachusetts Police Department notified CHA on January 31, 2018 about […]

State Attorneys General Oppose the DATAS Act

April 6, 2018 Site Editor

Almost all states in the U.S. have their own data breach notification legislation. Now, there are new federal regulations being proposed that could render state level laws obsolete. The Data Acquisition and Technology Accountability and […]

The South Dakota Data Breach Notification Law Has Been Approved

April 5, 2018 Site Editor

All 48 U.S. states are already implementing a Breach Notification Law that requires individuals and companies storing personal information to send a notification letter to individuals when a data breach occurs. South Dakota is one […]

Healthcare Data Breaches Increase Mortality Rates According to Research

April 4, 2018 Site Editor

Owen Graduate School of Management researcher Dr. Sung Choi conducted a study on the effects of data breaches in hospitals. The results indicated a rise in mortality rates at breached hospitals due to a drop […]

What is a HIPAA Violation and How does it Happen?

April 3, 2018 Site Editor

Almost every day of the year there’s a report of a HIPAA violation happening whether in a hospital, health plan or by a healthcare professional. But what is a HIPAA and in what ways is […]

Some Facts About HIPAA and Important HIPAA Rule Updates

April 2, 2018 Site Editor

It’s good to know about the beginnings of the Health Insurance Portability and Accountability Act and how it has changed over the years. HIPAA was signed into law on August 21, 1996 by President Bill […]

What Happens to Healthcare Employees Who Violate HIPAA Rules?

March 30, 2018 Site Editor

Working in healthcare requires a good working knowledge of HIPAA rules.  It requires diligence to ensure compliance with HIPAA rules. When HIPAA rules are violated, there are consequences, whether a healthcare employee does it accidentally […]

Medical University of South Carolina Terminated 13 Employees for HIPAA Violations in 2017

March 29, 2018 Site Editor

Based on the Post and Courier report, 13 Medical University of South Carolina (MUSC) employees were terminated last year because of snooping on patient records, which is a violation of HIPAA Rules. MUSC had a […]

SpamTitan v7.00 Switch to Bitdefender For Primary Antivirus Engine

March 28, 2018 Site Editor

TitanHQ released SpamTitan v7.00, which is the new version of its cloud-based anti spam service. SpamTitan v7.00 has updated features that can protect users more effectively from malicious emails and known threats. It also includes […]

CPLSE-Owned Laptop with Unencrypted PHI Stolen

March 27, 2018 Site Editor

The protected health information of some patients and payment guarantors were compromised because the unencrypted laptop computer that Clinical Pathology Laboratories Southeast Inc (CPLSE) issued to an employee was stolen. CPLSE took immediate action so […]

Over 35,000 ATI Physical Therapy Patients Impacted by Phishing Attack

March 26, 2018 Site Editor

The protected health information of over 35,000 patients at ATI Physical Therapy was potentially accessed by unauthorized persons due to a phishing attack on some employees’ email accounts. ATI discovered the security breach on January […]

PHI of 1,049 Patients Exposed in RoxSan Pharmacy Data Breach

March 23, 2018 Site Editor

RoxSan Pharmacy based in Beverly Hills, CA mailed breach notification letters last month to 1,049 patients. The patients’ protected health information was disclosed to a business associate through unencrypted email on January 20, 2015. The […]

OIG Published the Findings on FISMA Compliance Review of HHS

March 22, 2018 Site Editor

The Department of Health and Human Services’ Office of Inspector General released its review findings on HHS’ compliance with the Federal Information Security Modernization Act (FISMA) of 2014. OIG noted the improvements HHS made to […]

Email Accounts of Primary Health Care Employees Hacked Compromising Patients PHI

March 21, 2018 Site Editor

Malicious persons accessed the email accounts of four employees working in Primary Health Care Inc., which is a non-profit network of community health centers in Des Moines, Marshalltown and Ames, IA. The unauthorized persons may […]

QuadMed Employees Impermissibly Accessed the PHI of More than 9,850 Patients

March 20, 2018 Site Editor

QuadMed, a medical, fitness, physical therapy, laboratory and pharmacy services provider based in Wisconsin, sent notification letters by mail to 9,854 patients informing them that their PHI was potentially viewed without authorization during a privacy […]

BJC Healthcare’s Data Breach Exposed the PHI of 33,420 Patients for 8 Months

March 19, 2018 Site Editor

BJC Healthcare, a non-profit healthcare system, runs two nationally recognized hospitals in St. Louis, Missouri namely St. Louis Children’s Hospital and Barnes-Jewish Hospital plus 13 other hospitals. It has over 31,000 employees, admits more than […]

What HIPAA Changes and Enforcement Outlook Can Healthcare Organizations Expect in 2018?

March 16, 2018 Site Editor

Department of Health and Human Services’ (HSS) Office for Civil Rights (OCR) Director Roger Severino gave some hints on the likely changes affecting the HIPAA in 2018. Because the Trump administration lobbied for a decrease […]

Alabama State Senate Passed the Data Breach Notification Act

March 15, 2018 Site Editor

The Alabama Senate unanimously passed the Alabama Data Breach Notification Act (Senate Bill 318) last February 2017, so now the bill is in the hands of the House of Representatives. Alabama and South Dakota are […]

Two-Email Related Breaches Potentially Impacted 16,000 Individuals

March 14, 2018 Site Editor

Two separate incidents of email-related data breaches were recently reported to OCR. The covered entities involved were Flexible Benefit Service Corportation (Flex) and Kansas Department for Aging and Disability Services (KDADS). The protected health information […]

Healthcare Industry Employees Identified as Top HIPAA Threats

March 13, 2018 Site Editor

The IBM X-Force Threat Intelligence Report mentioned that 71% of healthcare data breaches are because of employee actions. There are two types of employee-related data breaches. Malicious insiders comprise 25% of healthcare data breaches and […]

Compliance With the Updated Common Rule Delayed for 6 Months

March 12, 2018 Site Editor

The Federal Policy for the Protection of Human Subjects was supposed to take effect on January 19, 2018. But its implementation was delayed by 6 months. Compliance date was changed to July 19, 2018. The […]

Private Equity Syndicate Acquires PhishMe and Rebrands as Cofense

March 9, 2018 Site Editor

PhishMe is the top provider of human phishing defense solutions that started its operations in 2007. It recently announced its change in branding beginning February 26, 2018 as it was acquired by a private equity […]

The Second Largest Data Breach in New York Compromised 135,000 Patients’ Records

March 8, 2018 Site Editor

St. Peter’s Surgery & Endoscopy Center in New York was attacked by malware that resulted to giving hackers access to the healthcare data of about 135,000 patients. This is the second largest healthcare data breach […]

ID Numbers of 70,320 Tufts Health Plan Members Exposed

March 7, 2018 Site Editor

Tufts Health Plan had a data breach that exposed the health plan member ID numbers of 70,320 members. The mailing vendor of Tufts Health Plan sent Preferred ID cards to Tufts Medicare Advantage members from […]

Protenus Healthcare Breach Barometer Report for January Published

March 6, 2018 Site Editor

The Protenus Healthcare Breach Barometer report recently published that about 473,807 patient medical records were exposed or stolen in January 2018. That figure is not yet final as 11 of the 37 breaches have yet […]

Insurance Provider Declines Audit Says OPM OIG

March 5, 2018 Site Editor

Health Net California, a benefit-provider for federal employees, has been tagged as unwilling to submit to a recent security audit according to the Flash Audit Alert issued by the U.S. Office of Personnel Management (OPM) […]

Affected Patients of White and Bright Family Dental Server Hack Informed

March 2, 2018 Site Editor

An online attack on the medical records of White and Bright Family Dental patients was uncovered on January 30, 2018. Hackers were able to access one of the servers of the dental practice which is […]

Sutter Health’s Business Associate Experienced a Phishing Incident

March 1, 2018 Site Editor

The legal firm Salem and Green, a business associate of Sutter Health, had a phishing attack resulting in exposure of the protected health information of certain patients. A staff of Salem and Green received a […]

What Should Healthcare Organizations Do to Reduce Cyber Extortion Risk?

February 28, 2018 Site Editor

Healthcare organizations must be prepared for the unexpected times when cyber criminals attack their data networks with the intention of extortion. It is expected that HIPAA-compliant entities are already somewhat prepared against cyber attacks because […]

Different Types of Cyber Extortion Attacks on the Healthcare Industry Increasing

February 27, 2018 Site Editor

The Department of Health and Human Services’ Office for Civil Rights published in its January 2018 Cybersecurity Newsletter the increased extortion attempts on healthcare organizations in the past two years. Ransomware attacks encrypt electronic health […]

Proper Handling of a HIPAA Privacy Complaint

February 26, 2018 Site Editor

When patients complain of privacy violation, healthcare providers need to know how to deal with it. For an efficient response, the organization must have policies that cover complaints procedure. The staff should know how to […]

Triple-S Advantage Had Another Data Breach That Affected 36,000

February 23, 2018 Site Editor

A privacy breach occurred in the Puerto Rico Health Plan Triple-S Advantage, which affected 36,000 plan members. The cause of the breach was a mailing error that disclosed the plan members’ sensitive information to incorrect […]

Ursnif Trojan Attacks and Sends Spear Phishing Emails

February 22, 2018 Site Editor

The banking Trojan Ursnif was typically used for attacking financial institutions. But the malware is now used to attack different organizations including those in the healthcare industry. The researchers at the security firm Barkly detected […]

HIMSS Warns About Five Cybersecurity Threats Trending Today

February 21, 2018 Site Editor

According to Healthcare Information and Management Systems Society (HIMSS), there are five current cybersecurity threats that healthcare organizations need to watch out for to prevent unauthorized access to their networks and protected health information. The […]

VA OIG Audits Orlando VA Medical Center for Network Vulnerabilities

February 20, 2018 Site Editor

A Florida Veterans Affairs Medical Center set up a Wi-Fi network without coordinating with the VA’s Office of Information & Technology (OI&T). The result of such action was the introduction of vulnerabilities that could lead […]

Massachusetts Launched an Online Tool for Reporting Data Breaches

February 19, 2018 Site Editor

The Massachusetts Attorney General’s office presented a new tool for reporting online data breach. The objective of this tool is to assist breached entities in quickly submitting breach notices. As demanded by the Massachusetts data […]

Ron’s Pharmacy Services Email Account Breach Impacts 6,781 Patients

February 16, 2018 Site Editor

Ron’s Pharmacy Services in San Diego, CA discovered that an email account containing limited protected health information of 6,781 patients was compromised. The pharmacy noticed on October 3, 2017 the suspicious activity on an employee’s […]

Why Healthcare Organizations Become Victims of Multiple Ransomware Attacks

February 15, 2018 Site Editor

Sophos, an online security company, released a report saying that victims of ransomware attacks are likely to have more attacks within a year. It pointed out that healthcare companies will continue to be the target […]

Breach Notification Law is About to Change in South Dakota

February 14, 2018 Site Editor

The states of South Dakota and Alabama currently do not have breach notification laws. However, the scenario will be different for South Dakota soon if their State Legislature approves proposed bill SB 62 passed by […]

Partners HealthCare Delayed Breach Notification for Too Long

February 13, 2018 Site Editor

Partners HealthCare System recently notified 2,600 patients that their protected health information was compromised. The breach incident was discovered in May 2017. Under HIPAA Rules, Partners HealthCare should have notified OCR and the victims up […]

Federal Court Denied Motion to Dismiss Lawsuit Against Mail Service

February 12, 2018 Site Editor

Press America, Inc is a mail service used by CVS Pharmacy. Because of an accidental disclosure of 41 individual’s protected health information, CVS Pharmacy sued Press America, Inc. CVS Pharmacy works as a business associate […]

AllScripts Faces Class Action Lawsuit Because of Ransomware Attack

February 9, 2018 Site Editor

AllScripts was attacked by ransomware last week resulting in the unavailability of their services. Thousands of healthcare providers cannot access patient data or the e-prescription service. AllScripts now faces a class action lawsuit filed by […]

New Data Breach Notification Bill in North Carolina Reinforces Residents Identity Theft Protection

February 8, 2018 Site Editor

North Carolina Attorney General Josh Stein and state Representative Jason Saine introduced the Act to Strengthen Identity Theft Protections on January 8, 2018. The introduction of this new data breach notification bill was a response […]

Eastern Maine Medical Center Breach Exposed 660 Patients’ PHI

February 7, 2018 Site Editor

660 patients of Eastern Maine Medical Center were notified of a potential exposure of their protected health information. The portable hard drive that contained the sensitive information disappeared from its State Street facility in Bangor, […]

Kansas Attorney General Fined Pearlie Mae’s Compassion and Care LLC for Violating Wayne Owen Act

February 6, 2018 Site Editor

The Kansas Attorney General fined Pearlie Mae’s Compassion and Care LLC in Topeka, Kansas together with its owners for its failure to protect patient and employee records. The civil monetary penalty amounted to $8,750. According […]

Aetna Needs to Pay $1.15 Million Settlement for the NY Attorney General Data Breach Case

February 5, 2018 Site Editor

Aetna recently settled a class action lawsuit paying $17.2 million for a data breach last July. The breach involved sending letters to members when details of HIV medications became visible through the plastic windows of […]

Causes of Healthcare Breaches in 2017 and How to Minimize Them

February 2, 2018 Site Editor

Hacking or IT incidents is the major cause of healthcare data breaches of 2017. 17 out of the top 20 were of this cause. In comparison to the previous years, hacking/IT incidents only accounted for […]

Comparison of Healthcare Data Breaches From 2015 to 2017

February 1, 2018 Site Editor

This article compares the largest healthcare data breaches from 2015 to 2017. The past two years were record-breaking with respect to healthcare data breaches. What about 2017? The healthcare industry had a bad year on […]

CIOX Health Sued HHS for Unlawful Changes Made On HIPAA Regulations

January 31, 2018 Site Editor

CIOX Health is a medical record retrieval company that is suing the Department of Health and Human Services. The lawsuit concerns the restriction placed by HIPAA laws on the amount that providers can charge patients […]

Allscripts and Two Indiana Hospitals Were Attacked by Ransomware

January 30, 2018 Site Editor

A ransomware attack on Allscripts happened on January 18, 2018, which is the reason why a number of the firm’s applications, such as the cloud EHR and the electronic prescriptions platform, went offline. The attack […]

Aetna Agreed to Pay Victims of HIV Status Data Breach

January 29, 2018 Site Editor

Aetna agreed to pay $17,161,200 to settle a class action lawsuit filed by complainants of a mailing error that disclosed sensitive information. The envelopes used had clear plastic windows through which the details of HIV […]

Hancock Health in Indiana Pays $55K Ransom to Unlock Encrypted Files

January 26, 2018 Site Editor

Hancock Health in Indiana, Greenfield had a ransomware attack that forced hospital staff to use pen and paper to manually record patient health information. The hospital’s IT department tried to block the ransomware attack and […]

Laptop Theft Potentially Compromised the PHI of 43,000 Patients of Coplin Health Systems

January 25, 2018 Site Editor

The Coplin Health Systems based in West Virginia had a potential PHI breach impacting 43,000 patients. The cause of the breach is an unencrypted laptop computer stolen from an employee’s vehicle. Coplin Health knew about […]

Regulation on the Confidentiality of Substance Use Disorder Patient Records Updated

January 24, 2018 Site Editor

The Department of Health and Human Services has updated the rule on Confidentiality of Substance Use Disorder Patients Records. In relation to this, the regulation on Substance Abuse and Mental Health Services Administration (SAMHSA) also […]

Medicaid Patients PHI Exposed at Oklahoma State University Center for Health Sciences

January 23, 2018 Site Editor

The computer network of Oklahoma State University Center for Health Sciences (OSUCHS) was accessed by an unauthorized individual resulting in the potential exposure of the billing information of Medicaid patients. OSUCHS discovered the security breach […]

Two Malware Attacks on Colorado Practice Impacted 16,000+ Patients

January 22, 2018 Site Editor

Longs Peak Family Practice (LPFP) in Longmont, Colorado was attacked by ransomware. The hacker gained access to the systems of this family and sports medicine practice and encrypted some parts of its network. LPFP identified […]

OIG Finds System Vulnerabilities at North Carolina State Medicaid Agency

January 19, 2018 Site Editor

The Department of Health and Human Services’ Office of Inspector General (OIG) found data security inadequacies upon auditing the North Carolina State Medicaid agency. According to the report, the State agency did not implement enough […]

NewSky Security Discovers More than 1,000 Misconfigured Lexmark Printers

January 18, 2018 Site Editor

NewSky Security researchers discovered a misconfiguration in over a thousand Lexmark printers that are accessible over the Internet. These are printers used by universities, businesses and the U.S. government. The misconfiguration is allowing unauthorized individuals […]

AHIMA Helps Healthcare Organizations to Develop an Effective IG Program

January 17, 2018 Site Editor

A guide published by the American Health Management Association (AHIMA) aims to help healthcare organizations create a comprehensive cybersecurity plan. It is necessary for healthcare organizations to develop and maintain an organization-wide framework that manages […]

Ransomware Attacks in 2017 Increased by 62%

January 16, 2018 Site Editor

Anti-malware firm Malwarebytes released a new report covering ransomware attacks up to the end of November 2017. Ransomware attacks increased by 62%, because criminal gangs and cybercriminals use them to make money quickly. Since September […]

Scrub Nurse That Photographed Employee-Patient’s Genitals Violates HIPAA Rules

January 15, 2018 Site Editor

A scrub nurse was fired for violating the HIPAA Rules. Allegedly, a scrub nurse photographed the genitals of an employee–patient undergoing incision hernia surgery at Washington Hospital. She used her mobile phone to take photos […]

Improving the State of Email Security in Healthcare Using DMARC

January 12, 2018 Site Editor

About 98% of healthcare providers are still not yet implementing the DMARC (Domain-based Message Authentication, Reporting & Conformance) email authentication standard. This information is based on a survey conducted by the National Health Information Sharing […]

Ransomware Attack Cut Access to Dental Practice Records for 5 Days

January 11, 2018 Site Editor

Wager Evans Dental in Reno, NV had to deal with a ransomware attack that kept them from accessing dental records and images for five days. The ransomware attack happened on October 30, 2017. A report […]

Protenus Released Healthcare Data Breach Report for November

January 10, 2018 Site Editor

Protenus just released the November healthcare data breach report and it revealed a decrease in the number of reported healthcare data breaches and the number of patient records exposed for this month. November only had […]

PHI of 1,750 Patients of Austin Manual Therapy Exposed Due to Data Theft

January 9, 2018 Site Editor

Austin Manual Therapy (AMT) notified 1,750 of its patients of a potential breach of their protected health information. Allegedly, a criminal attacker accessed AMT’s computer system and may have stolen their PHI. A leading national […]

Data Breaches in Texas and Pennsylvania Exposed the PHI of More than 5,000 Patients

January 8, 2018 Site Editor

Two HIPAA-covered entities announced the exposure of patients’ protected health information. The first is Washington Health System Greene in Waynesburg, PA. The other one is Midland Memorial Hospital in Midland, TX. The protected health information […]

Summary of OCR’s HIPAA Enforcement Activities in 2017

January 5, 2018 Site Editor

The Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general continued to aggressively pursue financial settlements for HIPAA Rules violations in 2017. For the 9 HIPAA settlements and one […]

21st Century Oncology Pays $2.3 Million for HIPAA Settlement with OCR

January 4, 2018 Site Editor

21st Century Oncology agreed to pay the Department of Health and Human Services’ Office for Civil Rights (OCR) a settlement fee to resolve its HIPAA violations which was discovered when a 2015 PHI breach involving […]

AMA and Accenture Study Reveals Physicians’ Major Concern on Cyberattacks

January 3, 2018 Site Editor

The American Medical Association (AMA) and Accenture surveyed 1,300 physicians in the United States to know what physicians think about cybersecurity. Based on the responses, it seems sure that cyberattacks will happen. What’s uncertain is […]

UNC Health Care Breach Potentially Impacts 24,000 Patients

January 2, 2018 Site Editor

Thieves stole a computer used by UNC Dermatology & Skin Cancer Center in Chapel Hill, NC on October 8, 2017. The stolen computer’s database contained the protected health information of about 24,000 patients who visited […]

Oklahoma Health Department Required to Re-Notify 47,000 Data Breach Victims

January 1, 2018 Site Editor

The Oklahoma Department of Human Services had a data breach in April 2016. After discovering the breach, Oklahoma DHS notified the people impacted by the breach and the DHS’ Office of Inspector General, but not […]

Ransomware Attack in Hackensack Sleep and Pulmonary Center

December 29, 2017 Site Editor

A ransomware attack encrypted the protected health information of patients in the New Jersey-based Hackensack Sleep and Pulmonary Center. This incident took place on September 24, 2017 but it was only discovered the next day. […]

Why Should the Congress Pass the Data Security and Breach Notification Act?

December 28, 2017 Site Editor

There’s a proposed bill called the Data Security and Breach Notification Act that the Senate will vote on. The purpose of the bill is to standardize the requirements of breach notification across all states. Right […]

Which Government Agency Enforces HIPAA Rules?

December 27, 2017 Site Editor

Healthcare organizations are expected to follow the rules introduced by the Health Insurance Portability and Accountability Act (HIPAA). The question is which federal departments are enforcing HIPAA rules? How can consumers make sure that covered […]

Clinic Worker Who Stole PHI Punished With Five-Year Jail Term

December 26, 2017 Site Editor

A clinic worker gets 5-year jail term for stealing the protected health information of Kirkbride Center’s mentally ill patients and selling them to identity thieves. Jean Baptiste Alvarez, age 43, a resident of Aldan, Philadelphia […]

Compromised Email Accounts Exposed 18,500 Patients PHI

December 23, 2017 Site Editor

A PHI breach occurred at the Henry Ford Health System based in Detroit which impacted about 18,500 patients. The organization became aware of the breach on October 3, 2017. According to the report, the email […]

What Can A Patient Do When There’s A Clear HIPAA Violation?

December 22, 2017 Site Editor

A patient cannot sue a healthcare provider for a HIPAA violation and seek damages even when harm resulted. But it is still possible to take legal action against the covered entity and demand damages for […]

Employees Filed a Lawsuit Against Lincare for Negligence in W2 Phishing Attack

December 21, 2017 Site Editor

Lincare Holdings Inc., one company supplying home respiratory therapy products, had a breach of employee personal data in February 2017. According to the report, an HR department employee emailed the W2 forms of thousands of […]

St. Luke’s Hospital Pays $387,000 to OCR for Disclosing Patient’s HIV Status to His Employer

December 20, 2017 Site Editor

Mount Sinai St. Luke’s Hospital settled a case with the Department of Health and Human Services’ Office for Civil Rights earlier this year. The 2014 case involved alleged HIPAA violations over an impermissible disclosure of […]

CareFirst Asks the Help of Supreme Court to Sort Out Data Breach Lawsuit

December 19, 2017 Site Editor

Hackers attacked the CareFirst BlueCross BlueShield database in 2014 and accessed the protected health information of 1.1 million members. The information exposed included names, birth dates, email addresses and subscriber ID numbers. Following the breach, […]

Healthcare Industry Got the Most Class Action Data Breach Lawsuits in 2016

December 18, 2017 Site Editor

The law firm Bryan Cave, LLP reported an increase in class-action data breach lawsuits faced by the healthcare industry last 2016. This doesn’t mean, however, that the litigation following a breach also increased. Bryan Cave […]

Burglars Stole the Medical Records of 1,000 Patients in New Jersey

December 16, 2017 Site Editor

Patients of Otolaryngology Associates of Central Jersey have been notified of a breach involving their protected health information. Burglars broke in an off-site storage facility of the organization and stole 13 boxes of paper medical […]

Ransomware Attacks Aging Agency Impacting 8,750 Patients

December 13, 2017 Site Editor

A ransomware attack on the Ottawa-based East Central Kansas Area Agency on Aging (ECKAAA) resulted in the file encryption of 8,750 patient’s protected health information (PHI). ECKAAA discovered the attack that happened on September 5, […]

Medical College of Wisconsin Phishing Attack Exposed 9,500 Patients’ PHI

December 10, 2017 Site Editor

A phishing attack on the Medical College of Wisconsin resulted in the potential exposure of protected health information of 9,500 patients. The attack enabled unauthorized access to several employees’ email accounts, which stored sensitive information […]

Volunteers Needed for HIPAA Administrative Simplification Optimization Project Pilot

December 8, 2017 Site Editor

The Department of Health and Human Services is seeking volunteers for a pilot project on HIPAA Administrative Simplification Optimization. The purpose of this project is to make HIPAA compliance reviews for health plans and healthcare […]

Posts navigation

« 1 … 9 10 11 »
  • Site Map
  • About Calculated HIPAA
  • Calculated HIPAA Privacy Policy

© Copyright 2003 to 2022 Calculated HIPAA