Recent HIPAA News
-
Seattle Children’s Hospital Website Tracking Technology Lawsuit Dismissed with Prejudice A Washington court dismissed with prejudice the class action lawsuit filed against Seattle Children’s Hospital (SCH) concerning its usage of pixels and other tracking technologies [...]
-
The number of healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) in February dropped with 59 data breaches involving 500 and up records reported. The breaches [...]
-
Senator Mark R. Warner (D-VA) presented new legislation that will approve advance and faster payments to healthcare companies in case of a cyberattack. The new legislation was prompted by the ransomware attack on Change Healthcare, [...]
-
The Department of Health and Human Services’ Office for Civil Rights (OCR) has released updates on the guidance for entities covered by the Health Insurance Portability and Accountability Act (HIPAA) about online tracking technologies. The [...]
-
NSA Releases Guidance on Implementing Zero Trust to Restrict Lateral Movement The National Security Agency (NSA) has released guidance on implementing zero trust security to restrict lateral movement inside a network when a threat actor [...]
-
The Department of Health and Human Services (HHS) has reported the Blackcat ransomware attack on UnitedHealth Group-managed Change Healthcare in February 2024. The attack affected over 100 of Change Healthcare’s systems, which subsequently impacted the [...]
-
Feds Alerts Healthcare Industry Concerning ALPHV/Blackcat Ransomware Group A joint cybersecurity notification was given by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human [...]
-
Ransomware Attack on Maryland Psychotherapy Provider Ended in HIPAA Penalty The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) resolved the supposed Health Insurance Portability and Accountability Act (HIPAA) violations with [...]
-
January had 61 data breach reports involving 500 and up records submitted to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), a 22% month-over-month decrease in reported data breaches. [...]
-
California AG Accepts $5 Million Settlement with Quest Diagnostics Concerning Improper Disposal of Waste and Patient Information California Attorney General Rob Bonta has reported that a $5 million settlement with Quest Diagnostics has been approved [...]
-
U.S. Fertility Offers to Pay $5.75 Million Settlement of Class Action Data Breach Lawsuit U.S. Fertility LLC, which operates over 100 fertility clinics throughout the U.S., has offered to pay $5.75 million to resolve a [...]
-
Lincare Holdings Offers $7.25 Million Settlement of Data Breach Lawsuit Regarding the Lincare Holdings Inc. Data Breach Litigation, Lincare Holdings proposed a $7.25 million settlement to resolve the class action lawsuit filed over a data [...]
-
Netherlands COVID-19 Testing Laboratory Database Exposed A medical lab based in the Netherlands that was used as a COVID-19 testing center has left a database compromised online that included the sensitive information of about 1.3 [...]
-
December had the second-highest number of data breach reports for 2023. The Department of Health and Human Services (HHS) Office for Civil Rights had 74 healthcare data breach reports involving 500 and up records in [...]
-
Singing River Health System has reported the compromise of the PHI of 253,000 patients due to a ransomware attack in August 2023. Data breach reports from Fincantieri Marine Group, Highlands Oncology Group, Family Healthcare, and [...]
-
Class action lawsuits had been filed against ESO Solutions because of a recently announced cyberattack and data breach that impacted just about 2.7 million people. The data breach affected sensitive data like names, contact details, [...]
-
November’s reported breaches involving 500 and up healthcare records increased by 45% with 61 big data breaches reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). For the 2023 [...]
-
Liberty Hospital based in Kansas City is dealing with a cyberattack that has upset its IT systems. The cyberattack was discovered on December 19, 2023, and it was decided to reroute ambulances to other hospitals [...]
-
Proliance Surgeons Faces Lawsuit Over Ransomware Attack and Data Breach Surgery group Proliance Surgeons based in Seattle, Washington is facing a class action lawsuit due to a recently reported ransomware attack and data breach that [...]
-
CarePointe ENT Resolves HIPAA Lawsuit with Indiana Attorney General At the end of September 2023, Indiana Attorney General Todd Rokita submitted a lawsuit against CarePointe ENT involving a ransomware attack that resulted in a data [...]
-
Longhorn Imaging Center Data Breach South Austin Health Imaging LLC, dba Longhorn Imaging Center based in Austin, TX, has just reported a case of hacking to the HHS’ Office for Civil Rights indicating that 100,643 [...]
-
October saw a drop in the number of reported data breaches involving 500 or more healthcare records. Only 40 data breaches were reported by HIPAA-regulated entities in October, making the 12-month average of 54 breaches [...]
-
About 9 million patients were impacted by a cyberattack on Perry Johnson & Associates. This transcription service provider’s data breach is the second-biggest healthcare data breach this 2023 and it is the 6th biggest healthcare [...]
-
Doctors’ Management Services to Pay OCR $100,000 to Settle HIPAA Probe The HHS’ Office for Civil Rights (OCR) has agreed to accept $100,000 from Doctors’ Management Services to settle a ransomware attack and data breach [...]
-
Brooklyn Premier Orthopedics (BPO) based in New York has reported the potential access and theft of the protected health information (PHI) of 48,459 patients in a recent cyberattack. As per BPO’s breach notice dated October [...]
-
Healthcare data privacy improved in September with the least reported healthcare data breaches since February 2023. There were 48 data breaches involving 500 and up records reported to the HHS’ Office for Civil Rights (OCR) [...]
-
The Medicare and Medicaid plan provider, CareSource, based in Dayton, OH is facing multiple class action lawsuits associated with a cyberattack that resulted in a data breach. The Clop ransomware group took advantage of a [...]
-
Healthcare data breaches in August increased by 21.4% month-over-month. There were 68 data breaches involving 500 or more records that were reported to the HHS’ Office for Civil Rights. August is now the second-worst month [...]
-
284K Oak Valley Hospital District Patients Affected By Cyberattack Oak Valley Hospital District in Oakdale, CA, has recently informed 283,629 patients concerning the exposure of their sensitive information due to a cybersecurity incident. The hospital [...]
-
HIPAA training is typically required annually for healthcare employees, following industry best practices, with new employees mandated to receive training as part of their orientation process, and annual refresher courses are essential to ensure that staff stays current with [...]
-
TikTok’s $368 Million Penalty for Child Privacy Violations The Irish Data Protection Commission (DPC) has reported that it finally made a decision regarding its inquiry into TikTok. It imposed a financial penalty of €345 million [...]
-
Two Class Action Lawsuits Filed Against CentroMed Over 350,000-Record Data Breach El Centro Del Barrio, doing business as CentroMed in San Antonio, TX, is dealing with two class action lawsuits because of a cyberattack in [...]
-
Fashion merchant Forever 21 has informed the Maine Attorney General about a data breach wherein the health plan information of 539,207 present and past employees was compromised. Forever 21 sent breach notification letters to all [...]
-
Potential HIPAA Right of Access Violation Resolved for $80,000 The UnitedHealthcare Insurance Company (UHIC) agreed to pay $80,000 to resolve an alleged inability to give prompt access to Protected Health Information (PHI). The voluntary settlement [...]
-
Reported data breaches in July dropped by 15.2% with 56 breaches involving 500 and up records reported to the HHS OCR making July just an average month in terms of data breaches. In the last [...]
-
1.2 Million Record Data Breach Results in Tampa General Hospital Lawsuit Tampa General Hospital (TGH) is getting sued for a data breach wherein hackers acquired access to the sensitive information of about 1.2 million individuals. [...]
-
As per the Department of Health and Human Services Office for Civil Rights (OCR) breach website, there is a 12% month-over-month decrease in the number of healthcare data breaches involving 500 and up records. HIPAA-covered [...]
-
The key provisions of the HIPAA law include ensuring the privacy and security of PHI, setting national standards for electronic health care transactions and code sets, establishing unique identifiers for health care providers and health [...]
-
HIPAA violations can result in severe consequences and penalties, including civil fines ranging from $100 to $50,000 per violation, criminal penalties leading to imprisonment of up to ten years for willful neglect, reputational damage, loss [...]
-
For professionals in healthcare, adding HIPAA certification to their resume not only demonstrates compliance but also underlines their commitment to upholding the highest standards of privacy and professionalism. Integrating your HIPAA certification into your CV [...]
-
The HITECH Act was enacted to promote the adoption and meaningful use of electronic health records (EHRs) in the healthcare industry, improve the security and privacy of health information, enhance healthcare quality, and stimulate the [...]
-
HIPAA penalties for improper disposal of records can result in fines, ranging from $100 to $50,000 per violation depending on the level of negligence, up to an annual maximum of $1.5 million for each category [...]
-
The HIPAA law impacts business associates by holding them directly accountable for safeguarding PHI they handle on behalf of covered entities, requiring them to sign a Business Associate Agreement (BAA) with covered entities outlining their [...]
-
PHI stands for Protected Health Information, which refers to any individually identifiable health information that is collected, created, or transmitted in relation to healthcare services and is protected by privacy and security regulations. PHI is [...]
-
In the event of a healthcare data breach leading to a potential violation of the HIPAA, it is necessary for the covered entity or business associate involved to promptly assess the breach’s extent and nature, [...]
-
Good Samaritan Hospital Resolves Class Action Data Breach Lawsuit Good Samaritan Hospital located in San Jose, CA, has decided to resolve a class action lawsuit that was submitted because of a data breach that compromised [...]
-
A breach of HIPAA compliance occurs when there is an unauthorized acquisition, access, use, or disclosure of PHI that compromises the security or privacy of an individual’s health data, whether intentional or unintentional and violates [...]
-
The HIPAA law guidelines for patient rights in mental health include the right to access and request amendments to their mental health records, the right to obtain a written notice of privacy practices, the right [...]
-
To report HIPAA violations effectively, gather all relevant information about the incident, including the date, time, location, people involved, and nature of the violation, ensure that the organization is compliant with any internal reporting procedures, [...]
-
HIPAA was enacted on August 21, 1996, as a federal law in the United States, with the primary aim of improving healthcare portability, ensuring health insurance coverage for individuals transitioning between jobs, and establishing comprehensive [...]