Calculated HIPAA

A Calculated Approach to HIPAA Compliance

  • HIPAA Violation News
  • HIPAA Updates
  • HIPAA Advice
  • HIPAA Compliance
    • HIPAA Law
  • HIPAA Violations
  • HIPAA Training
  • HIPAA Penalties
HomeAuthorsSite Editor

Articles by Site Editor

37,000 Gold Coast Health Plan Members Affected by Phishing Attack

October 10, 2018 Site Editor

Gold Coast Health Plan located in Camarillo, CA told its 37,000 plan members that cyber attackers potentially accessed some of their protected health information (PHI) because one of its employees’ email account was compromised. The […]

ECRI Publishes 2019 Top Ten List of Health Technology Hazards

October 9, 2018 Site Editor

The ECRI Institute is a non-profit company that studies new techniques to enhance patient care. It has recently published an annual list that includes the top 10 Health Technology Hazards for 2019. The goal of […]

Cofense Report Shows the High Susceptibility to Phishing Attacks of the Healthcare Industry Compared to Others

October 5, 2018 Site Editor

Phishing is one of the leading causes of healthcare data breaches. Phishers are able to access healthcare data from email accounts. In many incidents, those email accounts contain considerable volumes of highly sensitive protected health […]

ICO Issued the First UK GDPR Notice to AggregateIQ

October 4, 2018 Site Editor

AggregateIQ is an analytics company based in Canada that acted for the Vote Leave campaign. The Information Commissioner’s Office (ICO) issued the first UK GDPR notice to AggregateIQ in connection with business executed in that […]

Claxton-Hepburn Medical Center Employees Terminated for Violating the HIPAA

October 3, 2018 Site Editor

Claxton-Hepburn Medical Center, which is a not-for-profit community hospital based in Ogdensburg, New York, terminated several employees because they accessed patient medical records even though they do not have authorization to do so. The hospital […]

Ohio Living and Tucson Medical Center Breaches Exposed 8.200 Patients’ PHI

October 2, 2018 Site Editor

Ohio Living, which is a firm providing life plan communities and home health services, discovered that an unauthorized individual accessed some of its employees’ email accounts. On July 10, 2018, Ohio Living noticed the suspicious […]

Gynecologist License Revoked for Criminal HIPAA Violation But No Jail Time or Penalty

September 28, 2018 Site Editor

In April 2018, a 65-year old former gynecologist named Rita Luthra from Massachusetts, Longmeadow, was charged with criminal violation of the HIPAA Privacy Rule and federal investigation obstruction. In September 19, 2018, the judge announced […]

Free HIPAA Quiz to Help Healthcare Organizations with HIPAA Compliance

September 27, 2018 Site Editor

The Compliancy Group launched a new free tool called HIPAA Quiz to help organizations assess the present condition of their HIPAA compliance. Healthcare providers that implement policies and procedures in compliance with the Health Insurance […]

UMass Memorial Health Care Pays Massachusetts Attorney General’s Office $230,000 for HIPAA Violations

September 26, 2018 Site Editor

The Massachusetts attorney general fined UMass Memorial Health Care the amount of $230,000 for its HIPAA violations with respect to two data breaches which compromised the protected health information (PHI) of over 15,000 state locals. […]

Three Hospitals Pay $999,000 in HIPAA Penalties Related to Boston Med HIPAA Violations

September 25, 2018 Site Editor

The Department of Health and Human Services’ Office for Civil Rights (OCR) fined three hospitals the amount of $999,000 for allowing an ABC film crew to shoot a video footage of patients for its Boston […]

California Consumer Privacy Act Passed by California Legislature

September 21, 2018 Site Editor

In June 2018, the California Consumer Privacy Act (CCPA) has been passed by the California legislature and thus important changes on how the state law safeguards consumer privacy are expected. The new consumer privacy protections […]

FDA Plans on Expanding the Examination of Medical Device Cybersecurity

September 20, 2018 Site Editor

The Department of Health and Human Services’ Office of Inspector General (OIG) has published a report that is saying the Food and Drug Administration (FDA) must study medical equipment cybersecurity controls more carefully and more […]

CMS Investigates Fairview Southdale Hospital for Videotaping Patients Without Knowledge or Consent

September 19, 2018 Site Editor

The HHS’ Centers for Medicare and Medicaid Services (CMS) investigated Fairview Southdale Hospital, which is located in Edina, MN, because of a supposed patient privacy violation. It was found out that during the psychiatric evaluations […]

Ransomware Attack on Fetal Diagnostic Institute of the Pacific Impacts 40,800 Patients

September 17, 2018 Site Editor

The Fetal Diagnostic Institute of the Pacific (FDIP) based in Honolulu, Hawaii was attacked by ransomware on June 30, 2018. This resulted to the installation of a file-encrypting software on a server, which encrypted different […]

OCR Issues Guidance on Health Data Sharing With the Declaration of a Public Health Emergency

September 13, 2018 Site Editor

On September 12, 2018, President Trump approved the declaration of a federal emergency in the state of Virginia. FEMA resources were also made available to the state. Secretary Alex Azar of the U.S. Department of […]

New Privacy Framework to Help Businesses Protect the Customer and Employee Privacy

September 12, 2018 Site Editor

The National Institute of Standards and Technology (NIST) published a Cybersecurity Framework in 2014 to help private companies in assessing their security policies and improving their ability to stop, identify, and respond to cyberattacks. Figures […]

Apple App Store Privacy Policy Changes After Enforcing the GDPR

September 11, 2018 Site Editor

From October 3, 2018, Apple App Store is going to enforce a new privacy policy regulation that app developers are required to tell users what they do with the collected personal data; how they protect […]

New Mexico Hospital Medical Records Exposed in the Street

September 10, 2018 Site Editor

The New Mexico Department of Health is checking why the personal health documents of a number of of its patients fell off a truck while being transported from the facility to the safe storage location. […]

Guidelines on The Use of Social Media to Avert HIPAA Violations

September 9, 2018 Site Editor

ProPublica published a research in 2015 that revealed the involvement of healthcare employees in HIPAA social media violations in 2015. If not resolved, there will probably be a lot more incidents of HIPAA violation happening […]

66% of UK Companies Do Not Have Cyber Risk Insurance Policies

September 6, 2018 Site Editor

NTT Security’s new report showed that 66% of UK’s senior officers confirmed that their organizations are not ready to cover adequately the fiscal effect of data loss in the event of a data breach. This […]

Arc of Erie County Pays NY Attorney Generals’ Office $200,000 for Security Breach

September 5, 2018 Site Editor

The New York Attorney General fined the Arc of Erie County with $200,000 for Violating HIPAA Rules as a result of failing to safeguard its customers’ electronic protected health information (ePHI). The Arc of Erie […]

ICS-CERT’s Advisory on 9 Philips E-Alert Units Vulnerabilities

September 4, 2018 Site Editor

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued a statement concerning nine vulnerabilities identified in Philips healthcare products upon the Amsterdam-based technology firm statement of the matter to the […]

‘Misfortune Cookie’ Flaw Discovered in Qualcomm Life Capsule Datacaptor Terminal Server

August 31, 2018 Site Editor

There is a code weakness found in Qualcomm Life’s Capsule Datacaptor Terminal Server (DTS) that allows an attacker to get administrator privileges and remotely make changes to the code. The Qualcomm Life Capsule’s DTS is […]

Breach of PHI of 19,570 Missouri Care Members Due to Mis-Maiing

August 30, 2018 Site Editor

Missouri Care made an error in a sending letters to a number of plan members reminding them to schedule well-child visits. Because of the error, the personal data of around 20,000 children was inadvertently exposed […]

Phishing Attack on Los Angeles Drug and Alcohol Treatment Center Impacts 1,790 Patients

August 30, 2018 Site Editor

Authentic Recovery Center is a drug and alcohol treatment center located in West Los Angeles that had lately encountered a phishing attack causing the possible access of personally identifiable information (PII) and protected health information […]

McAlester Hospital in Trouble for Impermissible Disclosure of Medical Information

August 28, 2018 Site Editor

Dennis and Wayne Russell’s adopted two-year old boy named Keon passed away as a result of accidentally drowning. Soon after the boy was brought to McAlester Regional Health Center, they got a telephone call from […]

Ransomware Attack on Central Colorado Dermatology Caused Unauthorized PHI Access

August 22, 2018 Site Editor

Central Colorado Dermatology (CCD) advised around 4,000 patients that hackers possibly viewed some of their protected health information (PHI) due to a ransomware attack on its information system. An unauthorized person obtained access to CCD’s […]

Data Breach at Gordon Schanzlin New Vision Institute Impacts 9,350 Patients’ PHI

August 22, 2018 Site Editor

The Gordon Schanzlin New Vision Institute found in La Jolla, CA, notified thousands of patients about the stealing of their healthcare information after records that contains protected health information (PHI) were found to be in […]

Network Access Via Fax Machine Vulnerability Possible

August 15, 2018 Site Editor

In spite of many communication strategies available, healthcare providers still frequently use faxes for communicating. Some estimates propose as much as 75% of all communications take place by means of fax in the healthcare sector. […]

APWG Reports for Q1 2018 a 46% Increase in Phishing Websites

August 13, 2018 Site Editor

The Anti-Phishing Working Group issued its Phishing Activity Trends Report for Q1 2018 that indicates there was a significant rise in unique phishing webpages found in the first couple of months of 2018 in comparison […]

The PHI of 17,000 Patients from Oregon and Massachusetts Exposed

August 10, 2018 Site Editor

The healthcare records of over 17,000 patients were compromised in two healthcare data breaches in Massachusetts and Oregon. Lane County Health and Human Services located in Oregon has informed over 700 patients about the loss […]

23% of Data Breaches in Q2 2018 Due to Email Account Compromises

August 8, 2018 Site Editor

In the last year, the quantity of email data breach reports progressively went up. The Beazley Breach Insights Report July edition said that 23% of all data breaches documented by BBR (Beazley Breach Response) in […]

Why a GDPR Lead Supervisory Authority Should Be Appointed

August 3, 2018 Site Editor

The GDPR refers to a Supervisory Authority as a self-governing public authority accountable for overseeing GDPR compliance, supporting companies be GDPR compliant, and executing compliance and doing investigations. The supervisory authority should be advised if […]

Request for Information on Federal Health Privacy Rules and Proposed Changes to Be Released by HHS

August 1, 2018 Site Editor

On July 22, Alex Azar, The Heritage Foundation, Secretary of the Department of Health and Human Services (HHS), stated during an address that the HHS is preparing for various changes to the health privacy regulations […]

Massachusetts Bill Seeks 18 Months Zero Cost Credit Monitoring Services for Victims of Data Breach

July 26, 2018 Site Editor

There is a new bill filed in the state of Massachusetts looking to boost protections for people affected by data breaches. The bill entails complimentary credit monitoring services to be provided to people whose private […]

PHI of 3,775 Patients of a New York Physician Potentially Exposed

July 25, 2018 Site Editor

Ruben U. Carvajal, MD, a physician in New York began notifying his patients that unauthorized persons potentially accessed their protected health information (PHI). Dr Carvajal knew about the possible privacy breach on January 3, 2018 […]

Alive Hospice Notifies Patients of PHI Breach Caused By Phishing Attack

July 21, 2018 Site Editor

Alive Hospice in Tennessee found that two of its employees’ email accounts were unsecured because of phishing attacks. While examining Alive Hospice’ email system on May 15, 2018, recurring unauthorized access to the email accounts […]

PHI of 8,400 Billings Clinic Patients Compromised Due to Hacked Email Account

July 19, 2018 Site Editor

8,400 patients’ protected health information (PHI) included in the email account of a personnel of Billings Clinic in Billings, MT was exposed. The cybersecurity systems of the clinic spotted a number of strange activities that […]

Cass Regional Medical Center Reacts Promptly to Ransomware Attack

July 14, 2018 Site Editor

Cass Regional Medical Center in Harrisonville, MO encountered a ransomware attack on July 9, 2018. The ransomware attack impacted its communication network so employees cannot access its electronic medical record (EHR) system. Thankfully, the medical […]

The HIPAA Requirements on Patch Management

July 10, 2018 Site Editor

Healthcare providers are reminded by OCR to follow the HIPAA patch management requirements, which make sure that ePHI privacy, integrity, and accessibility stays secure. Flaws in the software applications code could be exploited by hackers […]

Advanced Cyber Spoofing Attack Revealed by Humana

July 7, 2018 Site Editor

Humana is letting members know that in certain states that an advanced spoofing attack possibly compromised their protected health information (PHI). A spoofing attack is an effort by a bot or threat actor to access […]

Fax Messages with PHI Sent to the Wrong Patient

July 4, 2018 Site Editor

OhioHealth’s Grant Medical Center dispatched fax messages containing the protected health information (PHI) of a patient to the wrong person in the last few months. This is a violation of the HIPAA rules and privacy […]

Hospital Pager Messages Intercepted Resulting in PHI Breach

June 29, 2018 Site Editor

Outdated pager systems are already replaced by secure messaging systems in lots of healthcare companies. Any healthcare provider that may be still utilizing the pager system should be aware of the security breach that recently […]

Employees Suspended for Snooping on Patient Health Records

June 28, 2018 Site Editor

Washington Health System resolved to suspend some employees after finding out about their supposed inappropriate access of patient health information. Even though there’s no confirmation regarding the number of employees that were suspended from their […]

Mobile Technology Greatly Improves Patient Services in Hospitals According to Survey

June 21, 2018 Site Editor

Black Book Research surveyed how much hospitals and physicians use mobile technology. The results revealed that 90% of the hospitals and 94% of physician that participated in the survey have utilized mobile technology and feel […]

1,600 Patients’ PHI Exposed in Terros Health Phishing Scam

June 18, 2018 Site Editor

A personnel in Terros Health in Phoenix was victimized by a phishing scam and by mistake exposed his login information. The attacker gained access to the victim’s email account who likely viewed the protected health […]

Ex-Employees of Hair Free Forever and Muir Medical Group Violate HIPAA Privacy Rule

June 13, 2018 Site Editor

The former employees of Hair Free Forever and Muir Medical Group stole the protected health information (PHI) of patients and gave it to other employers. The patients were informed by the covered organizations concerning the […]

OCR Received Multiple Data Breach Reports by Dignity Health

June 11, 2018 Site Editor

Dignity Health submitted multiple data breach reports and HIPAA violations to the Department of Health and Human Services’ Office for Civil Rights (OCR). The reports included an unauthorized access to the PHI of patients, access […]

Patient Complaints on Obtaining Copies of Their Health Records

June 8, 2018 Site Editor

In the latest Government Accountability Office (GAO) audit as mandated by the 21st Century Cures Act, the data revealed that patients find it hard to obtain copies of their medical information mainly because of high […]

Security Breaches Discovered by Purdue University Potentially Affected 1,711 Patients

June 5, 2018 Site Editor

In April, Purdue University’s security group identified two security breaches which likely granted unauthorized people access to the protected health information (PHI) of patients. A data file on Purdue Univesity Pharmacy’s computers suggests that an […]

April 2018 Healthcare Data Breach Report

June 1, 2018 Site Editor

April was a terrible month as the healthcare sector suffered from an increased number of data breaches and the persons impacted compared to March. The Department of Health and Human Services acquired 41 submissions of […]

Lincare Resolved to Pay $875,000 to Negotiate W-2 Phishing Scam Lawsuit

May 30, 2018 Site Editor

Lincare Inc, a respiratory therapy vendor, consented to pay $875,000 to settle a class-action lawsuit that its employees filed for a breach of their W-2 details. The data breach happened on February 3, 2017 when […]

SamSam Ransomware Attack on Allied Physicians Group of Michiana Potentially Exposed PHI

May 24, 2018 Site Editor

A segment of Allied Physicians Group of Michiana’s network system was down due to a ransomware attack. This episode occurred on May 17, 2018. The attacker encrypted a number of data files stored on the […]

Are EU Citizens Living in the US Secured by GDPR?

May 22, 2018 Site Editor

The General Data Protection Regulation (GDPR) in general is applicable to European Union residents in the EU. However how does the GDPR affect EU citizen when he leaves his country and reside in the US […]

How Healthcare Providers Can Save on AWS EC2 Instances Costs

May 18, 2018 Site Editor

There are numerous benefits to utilizing the cloud. A growing number of healthcare companies are using the cloud for their IT needs like migrating programs, infrastructure and datacenter functions. Even so, a big concern is […]

Class Action Lawsuit on UnityPoint Health Filed By Data Breach Victims

May 14, 2018 Site Editor

UnityPoint Health identified a data breach on February 15, 2018 which led to the compromise of 16,429 patients’ protected health information. It seems that the data breach happened as a result of the failure of […]

How the GDPR Apply to Employee’s Personal Data

May 12, 2018 Site Editor

People ask a lot of questions about the General Data Protection Regulation (GDPR), which is going to be enforced on May 25, 2018. Employees ask how the GDPR apply to their personal data. The GDPR […]

Massachusetts Gynecologist Charged With Criminal HIPAA Violation and Obstruction of Investigation

May 7, 2018 Site Editor

The Department of Justice (DOJ) does not pursue many criminal penalties for HIPAA violations. But in cases of serious patient privacy violation, such as when the protected health information (PHI) is impermissibly disclosed with malicious […]

Terminated Employee Got Hold of PHI of 100 Patients

May 1, 2018 Site Editor

A former employee of Texas Health and Human Services Commission (HHSC) got hold of the protected health information of about 100 patients after being terminated from work. She had collected personal items from her old […]

How will GDPR Affect American Organizations in Protecting Rights to Privacy

April 30, 2018 Site Editor

Many people talk about the General Data Protection Regulation (GDPR) nowadays with its pending enforcement on May 25, 2018. Since the GDPR is an EU law, does it only impact organizations located within the EU? […]

Transcription Services Web Portal Breach Leaked Patients’ PHI

April 27, 2018 Site Editor

MEDantex, a transcription service provider, accidentally left patient medical records unsecured and freely accessible to anyone without the need of a password.  The error in restricting access to a physician’s portal resulted in the exposure […]

Healthcare Data Breach Report for Q1 2018

April 26, 2018 Site Editor

For the first quarter of 2018, the Department of Health and Human Services’ Office for Civil Rights (OCR) received 77 reports of healthcare data breaches. Over one million patients and health plan members were affected […]

Orangeworm Threat Group Used Kwampirs Backdoor to Attack the Healthcare Industry

April 25, 2018 Site Editor

According to Symantec, there’s a recently identified threat group called Orangeworm, which is launching targeted attacks on big healthcare companies in the United States. Orangeworm was first discovered in January 2015. It has been doing […]

PHI of 1,071 Mental Health Patients Disclosed for Over 3 Years

April 24, 2018 Site Editor

The protected health information of 1,071 patients who received medical services at the Des Moines Crisis Observation Center was “accidentally and unknowingly disseminated” for a period of three and a half years. The Crisis Observation […]

Cybersecurity Framework Version 1.1 Released By NIST

April 23, 2018 Site Editor

The updated version of the Cybersecurity Framework was made available by the National Institute of Standards and Technology this April 16, 2018. This framework for improving critical infrastructure cybersecurity was issued initially on February 2014. […]

Healthcare Data Breach Analysis for March 2018

April 20, 2018 Site Editor

The number of healthcare data breaches increased month-over-month. In March 2018, HIPAA covered entities reported 29 security breaches. February 2018 had 25 breach incidents. Though the number of reported data breaches increased in March, there […]

Phishing Attack on UnityPoint Health Compromised Several Employees’ Email Accounts

April 19, 2018 Site Editor

UnityPoint Health discovered that unauthorized individuals accessed the email accounts of several employees. It was found that the email accounts were accessed for a period of three months starting from November 1, 2017 up to […]

Inogen Data Breach Potentially Impacts 30,000 Individuals

April 18, 2018 Site Editor

Inogen is a company that manufactures portable oxygen concentrators. An unauthorized person got the login credentials of one Inogen employee and accessed his email account. The personal information of about 30,000 persons that Inogen provided […]

1,500 Baptist Health Patients Alerted for Possible Credit Card Fraud

April 17, 2018 Site Editor

Baptist Health’s West Kendall Baptist Hospital in Miami, FL discovered that a former employee stole the credit card information of patients then used the details for fraudulent purchases. Baptist Health found out about the misuse […]

The PHI of 63,500 Middletown Medical Patients Impacted by Data Breach

April 16, 2018 Site Editor

The protected health information (PHI) of tens of thousands of Middletown Medical patients was exposed due to a misconfiguration in the security setting of a radiology interface. Middletown Medical, a multi-specialty physician’s group that is […]

Receptionist Stole 653 Patients’ PHI and Penalized With 2 to 6 Years Jail Term

April 13, 2018 Site Editor

A 31-year old former receptionist named Annie Vuong worked at a New York dental practice where she stole the protected health information of over 650 patients. She was sentenced to spend 2 to 6 years […]

Poor Patching Practices Increase the Risk of Exploited Vulnerabilites

April 12, 2018 Site Editor

Ponemon Institute conducted a survey on behalf of ServiceNow to learn about the issues on patching that healthcare and pharmaceutical industries are struggling with. The study revealed that organizations are not patching vulnerabilities promptly hence […]

New Jersey Attorney General’s Office Fined Virtua Medical Group the Amount of $418,000

April 11, 2018 Site Editor

The New Jersey Attorney General’s Office financially penalized Virtua Medical Group for its failure in protecting the privacy of over 1,650 patients. The protected health information of the patients was exposed because of a misconfigured […]

Alabama’s Data Breach Notification Act Enacted

April 10, 2018 Site Editor

Finally, Alabama has a law requiring companies to issue notifications to residents whose personal information has been exposed or compromised because of a data breach. On March 28, 2018, Governor Kay Ivey signed the data […]

Massachusetts Police Department Discovered Cambridge Health Alliance PHI Breach

April 9, 2018 Site Editor

Law enforcement discovered that the protected health information (PHI) of some Cambridge Health Alliance (CHA) patients fell into the hands of an unauthorized person. Everett Massachusetts Police Department notified CHA on January 31, 2018 about […]

State Attorneys General Oppose the DATAS Act

April 6, 2018 Site Editor

Almost all states in the U.S. have their own data breach notification legislation. Now, there are new federal regulations being proposed that could render state level laws obsolete. The Data Acquisition and Technology Accountability and […]

The South Dakota Data Breach Notification Law Has Been Approved

April 5, 2018 Site Editor

All 48 U.S. states are already implementing a Breach Notification Law that requires individuals and companies storing personal information to send a notification letter to individuals when a data breach occurs. South Dakota is one […]

Healthcare Data Breaches Increase Mortality Rates According to Research

April 4, 2018 Site Editor

Owen Graduate School of Management researcher Dr. Sung Choi conducted a study on the effects of data breaches in hospitals. The results indicated a rise in mortality rates at breached hospitals due to a drop […]

What is a HIPAA Violation and How does it Happen?

April 3, 2018 Site Editor

Almost every day of the year there’s a report of a HIPAA violation happening whether in a hospital, health plan or by a healthcare professional. But what is a HIPAA and in what ways is […]

Some Facts About HIPAA and Important HIPAA Rule Updates

April 2, 2018 Site Editor

It’s good to know about the beginnings of the Health Insurance Portability and Accountability Act and how it has changed over the years. HIPAA was signed into law on August 21, 1996 by President Bill […]

What Happens to Healthcare Employees Who Violate HIPAA Rules?

March 30, 2018 Site Editor

Working in healthcare requires a good working knowledge of HIPAA rules.  It requires diligence to ensure compliance with HIPAA rules. When HIPAA rules are violated, there are consequences, whether a healthcare employee does it accidentally […]

Medical University of South Carolina Terminated 13 Employees for HIPAA Violations in 2017

March 29, 2018 Site Editor

Based on the Post and Courier report, 13 Medical University of South Carolina (MUSC) employees were terminated last year because of snooping on patient records, which is a violation of HIPAA Rules. MUSC had a […]

SpamTitan v7.00 Switch to Bitdefender For Primary Antivirus Engine

March 28, 2018 Site Editor

TitanHQ released SpamTitan v7.00, which is the new version of its cloud-based anti spam service. SpamTitan v7.00 has updated features that can protect users more effectively from malicious emails and known threats. It also includes […]

CPLSE-Owned Laptop with Unencrypted PHI Stolen

March 27, 2018 Site Editor

The protected health information of some patients and payment guarantors were compromised because the unencrypted laptop computer that Clinical Pathology Laboratories Southeast Inc (CPLSE) issued to an employee was stolen. CPLSE took immediate action so […]

Over 35,000 ATI Physical Therapy Patients Impacted by Phishing Attack

March 26, 2018 Site Editor

The protected health information of over 35,000 patients at ATI Physical Therapy was potentially accessed by unauthorized persons due to a phishing attack on some employees’ email accounts. ATI discovered the security breach on January […]

PHI of 1,049 Patients Exposed in RoxSan Pharmacy Data Breach

March 23, 2018 Site Editor

RoxSan Pharmacy based in Beverly Hills, CA mailed breach notification letters last month to 1,049 patients. The patients’ protected health information was disclosed to a business associate through unencrypted email on January 20, 2015. The […]

OIG Published the Findings on FISMA Compliance Review of HHS

March 22, 2018 Site Editor

The Department of Health and Human Services’ Office of Inspector General released its review findings on HHS’ compliance with the Federal Information Security Modernization Act (FISMA) of 2014. OIG noted the improvements HHS made to […]

Email Accounts of Primary Health Care Employees Hacked Compromising Patients PHI

March 21, 2018 Site Editor

Malicious persons accessed the email accounts of four employees working in Primary Health Care Inc., which is a non-profit network of community health centers in Des Moines, Marshalltown and Ames, IA. The unauthorized persons may […]

QuadMed Employees Impermissibly Accessed the PHI of More than 9,850 Patients

March 20, 2018 Site Editor

QuadMed, a medical, fitness, physical therapy, laboratory and pharmacy services provider based in Wisconsin, sent notification letters by mail to 9,854 patients informing them that their PHI was potentially viewed without authorization during a privacy […]

BJC Healthcare’s Data Breach Exposed the PHI of 33,420 Patients for 8 Months

March 19, 2018 Site Editor

BJC Healthcare, a non-profit healthcare system, runs two nationally recognized hospitals in St. Louis, Missouri namely St. Louis Children’s Hospital and Barnes-Jewish Hospital plus 13 other hospitals. It has over 31,000 employees, admits more than […]

What HIPAA Changes and Enforcement Outlook Can Healthcare Organizations Expect in 2018?

March 16, 2018 Site Editor

Department of Health and Human Services’ (HSS) Office for Civil Rights (OCR) Director Roger Severino gave some hints on the likely changes affecting the HIPAA in 2018. Because the Trump administration lobbied for a decrease […]

Alabama State Senate Passed the Data Breach Notification Act

March 15, 2018 Site Editor

The Alabama Senate unanimously passed the Alabama Data Breach Notification Act (Senate Bill 318) last February 2017, so now the bill is in the hands of the House of Representatives. Alabama and South Dakota are […]

Two-Email Related Breaches Potentially Impacted 16,000 Individuals

March 14, 2018 Site Editor

Two separate incidents of email-related data breaches were recently reported to OCR. The covered entities involved were Flexible Benefit Service Corportation (Flex) and Kansas Department for Aging and Disability Services (KDADS). The protected health information […]

Healthcare Industry Employees Identified as Top HIPAA Threats

March 13, 2018 Site Editor

The IBM X-Force Threat Intelligence Report mentioned that 71% of healthcare data breaches are because of employee actions. There are two types of employee-related data breaches. Malicious insiders comprise 25% of healthcare data breaches and […]

Compliance With the Updated Common Rule Delayed for 6 Months

March 12, 2018 Site Editor

The Federal Policy for the Protection of Human Subjects was supposed to take effect on January 19, 2018. But its implementation was delayed by 6 months. Compliance date was changed to July 19, 2018. The […]

Private Equity Syndicate Acquires PhishMe and Rebrands as Cofense

March 9, 2018 Site Editor

PhishMe is the top provider of human phishing defense solutions that started its operations in 2007. It recently announced its change in branding beginning February 26, 2018 as it was acquired by a private equity […]

The Second Largest Data Breach in New York Compromised 135,000 Patients’ Records

March 8, 2018 Site Editor

St. Peter’s Surgery & Endoscopy Center in New York was attacked by malware that resulted to giving hackers access to the healthcare data of about 135,000 patients. This is the second largest healthcare data breach […]

ID Numbers of 70,320 Tufts Health Plan Members Exposed

March 7, 2018 Site Editor

Tufts Health Plan had a data breach that exposed the health plan member ID numbers of 70,320 members. The mailing vendor of Tufts Health Plan sent Preferred ID cards to Tufts Medicare Advantage members from […]

Protenus Healthcare Breach Barometer Report for January Published

March 6, 2018 Site Editor

The Protenus Healthcare Breach Barometer report recently published that about 473,807 patient medical records were exposed or stolen in January 2018. That figure is not yet final as 11 of the 37 breaches have yet […]

Insurance Provider Declines Audit Says OPM OIG

March 5, 2018 Site Editor

Health Net California, a benefit-provider for federal employees, has been tagged as unwilling to submit to a recent security audit according to the Flash Audit Alert issued by the U.S. Office of Personnel Management (OPM) […]

Posts navigation

« 1 … 10 11 12 »
  • Site Map
  • About Calculated HIPAA
  • Calculated HIPAA Privacy Policy

© Copyright 2003 to 2022 Calculated HIPAA