The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory regarding a new ransomware variant that is employed in attacks on a number of industry sectors, such as medical care. To date, the […]
Full-service home medical equipment firm, Health Aid of Ohio in Parma, OH, has learned that unauthorized people obtained access to its networks and stolen a number of files. The data breach was identified on February […]
CaptureRx, a 340B administrative services provider to healthcare organizations in San Antonio, TX, has experienced a ransomware attack that resulted in the theft of files that contain the protected health information (PHI) of its customers’ […]
Elekta, a Swedish provider of oncology and radiology system, is recovering from a cyberattack that shoved it to take offline its first-generation web-based storage platform on April 20, 2021. Even though the firm has reported […]
The healthcare provider Scripps Health located in San Diego experienced a ransomware attack on May 1, 2021 which compelled it to shut down its information technology systems. Scripps Health manages four hospitals throughout the San […]
Doctors Medical Center of Modesto (DCM) in California has found out that a service provider employed by a former vendor inadvertently exposed patient information over the web. DCM had hired the SaaS platform company Medifies […]
The Wyoming Department of Health (WDH) has found out that the protected health information (PHI) of 164,021 people were accidentally exposed on the internet because of a mistake made by a member of its employees. […]
An email security breach at HME Specialists LLC, doing business as Home Medical Equipment Holdco, resulted in the potential compromise of the protected health information (PHI) of 153,013 people. HME Specialists found suspicious activity within […]
Due to the escalating danger from ransomware attacks, the U.S Department of Justice has started a brand new Ransomware and Digital Extortion Task Force that is going to focus on the whole ransomware ecosystem. The […]
A cyberattack on CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC) resulted in the theft of CHPDC members’ protected health information (PHI). CHPDC, formerly called Trusted Health Plans, found out that its computer […]
Pressure between Russia and the U.S. is increasing because of the nonstop cyberattacks on private and public sector establishments as well as the U.S. government by Russian government hackers. The National Security Agency (NSA), DHS’ […]
Compliancy Group has certified that SageData, the business intelligence platform provider from Bulgarian, has effectively enforced a HIPAA compliance program and is keeping the regulatory requirements of the HIPAA Security Rule, Privacy Rule, Omnibus Rule, […]
The U.S. National Security Agency (NSA) has reported four zero-day vulnerabilities identified in Microsoft Exchange Server versions 2013, 2016, and 2019 which are employed for on-premises Microsoft Exchange Servers. Quick patching is necessary as threat […]
The business and technology consulting company Fresh Gravity has been verified by Compliancy Group as having undertaken all required actions to show compliance with the HIPAA Security Rule, Privacy Rule, Omnibus Rule, Breach Notification Rule, […]
The DHS Cybersecurity and Infrastructure Security Agency (CISA) has introduced a brand new tool to go with the open-source Sparrow detection tool based on PowerShell that was launched in December 2020 to support network defenders […]
Advanced persistent threat (APT) actors are exploiting vulnerabilities in the Fortinet FortiOS operating system to gain access to servers to get into networks as pre-positioning for follow-on data exfiltration and information encryption attacks. In the […]
Compliancy Group has reported that Kleva Health Inc. has an appropriate HIPAA compliance program in place and is satisfying the prerequisites of the HIPAA Rules. Kleva Health as a digital health technology firm offers a […]
Wake Forest Baptist Health made an announcement that an unauthorized individual acquired access to the systems of Healthgrades Operating Co. Inc, its technology vendor between October 16 and October 28, 2020 and possibly viewed or […]
Security company Proofpoint has associated the Advanced Persistent Threat (APT) group called Charming Kitten with a spear-phishing campaign carried out at the end of 2020 aimed towards senior pros at medical research institutions in the […]
At the beginning of 2020, phishers began taking advantage of the pandemic and changed from their typical lures to many pandemic-associated themes for their campaigns. After one year since the COVID pandemic began, researchers at […]
The Compliancy Group has certified WellnessLiving, a top-rated business management software provider for health and wellness companies, as HIPAA compliant. Any software company that offers products that are likely to access PHI is categorized as […]
Cancer Treatment Centers of America is notifying 104,808 of its Midwestern Regional Medical Center patients regarding the potential access by an unauthorized person to some of their protected health information (PHI) that is included in […]
In February 2021, reported data breaches involving 500 or more healthcare records increased by 40.63%. There were 45 data breaches reported to the Department of Health and Human Services’ Office for Civil Rights, almost all […]
Compliancy Group certifies Canary Global Inc. as having a good HIPAA compliance program setup. Canary Global Inc. is a medical technology firm that has created a selection of revolutionary medical devices, software programs, and services, […]
MyWoundDoctor Inc. has been certified by Compliancy Group as having a good HIPAA compliance plan and is dedicated to making sure that all electronic protected health information (ePHI) recorded and sent by its telehealth mobile […]
On January 12, 2021, Colorado Retina Associates in Denver found out that an unauthorized person accessed the email account of one employee and utilized it to send out phishing emails to contacts listed in the […]
Health plan management and back-office services provider PeakTPA based in St. Louis, MO-based provider reported a cyberattack with protected health information (PHI) theft that occurred on or approximately December 28, 2020. PeakTPA detected the security […]
Premier Diagnostics, a COVID-19 testing service based in Utah, has accidentally compromised the protected health information (PHI) of thousands of people. Bob Diachenko of Comparitech discovered two exposed Amazon S3 buckets on February 22, 2021. […]
About 207,000 people were confirmed to have been impacted by a ransomware attack on St. Cloud-based Netgain Technology LLC and that number may still go up. A number of entities in the healthcare sector, such […]
Making changes to the HIPAA Rules is not frequent, therefore whenever there is a proposition for updates, a range of new specifications and updates to existing terms is commonly included. Before undertaking any updates, a […]
On March 4, 2021, Senator Robert Menendez (D-New Jersey), and Reps. Mikie Sherrill (D-New Jersey) and Bonnie Watson Coleman (D-New Jersey)wrote a letter advocating the Federal Trade Commission (FTC) to begin imposing the Health Breach […]
Governor Ralph Northam has signed into law the Virginia Consumer Data Protection Act (CDPA). CDPA mandates persons doing business in the Commonwealth of Virginia to follow new data privacy and security standards. The CDPA will […]
The IBM X-Force published a new report that shows healthcare cyberattacks had a 100% increase in 2020 and 28% of attacks were ransomware attacks. The substantial increase in healthcare sector cyberattacks put the sector on […]
2020 was a notably awful year for the healthcare industry in terms of ransomware attacks. Fortune 500 healthcare system Universal Health Services (UHS) based in King of Prussia, PA suffered one of the worst ransomware […]
The performance analytics and end-user experience solution provider Accedian based in Montreal, Canada has been certified as HIPAA compliant by Compliancy Group. Accedian’s solutions help its clients with their digital infrastructure, at the same time, […]
Covenant Healthcare based in Saginaw, MI has found out that an unauthorized individual acquired access to two email accounts of employees. The account held the protected health information (PHI) of roughly 45,000 patients. The healthcare […]
The last day for reporting healthcare data breaches involving less than 500 records that were identified in 2020 is on March 1, 2021. Until then, HIPAA-covered entities and business associates can submit their breach reports […]
Kroger made an announcement that it has encountered a data security incident, which exploited the SQL injection vulnerabilities found in its Accellion File Transfer Appliance (FTA). The Accellion FTA is an old appliance that was […]
Grand River Medical Group based in Dubuque, OH found out that an unauthorized person acquired access to an employee’s email account and might have seen or gathered the protected health information (PHI) of 34,000 patients. […]
A Campbell County Health (CCH) personnel had done an email error that led to the impermissible disclosure of the protected health information (PHI) of 900 people. The health system based in Gillette, WY found out […]
TeleVine Therapy based in New Philadelphia, OH was independently confirmed to have an effective HIPAA compliance program. TeleVine Therapy is a first-class speech and language therapy services provider serving the residents of Ohio, Pennsylvania, and […]
Compliancy Group has certified that Send Mammogram has put in place an appropriate HIPAA compliance program and is found compliant with the criteria as outlined in the Health Insurance Portability and Accountability Act. With its […]
The National Cyber Investigative Joint Task Force (NCIJTF) published a ransomware fact sheet to increase awareness regarding the ransomware attack threats and offer information that could be used to avoid and offset attacks. An interagency […]
University of Pittsburgh Medical Center (UPMC) has reported that the protected health information (PHI) of over 36,000 patients was potentially accessed by unauthorized persons subsequent to a cyberattack on a company that provides UPMC with […]
Compliancy Group has certified The Speech Paradigm LLC as having put in place an efficient HIPAA compliance program. The program is found to be in compliance with the requirements of the HIPAA Security, Privacy, Breach […]
Cybersecurity firm Imperva released a report that showed significant growth of attacks on healthcare sector web apps. Imperva Research Labs noted 51% more web app attacks for the period November 2020 to December 2020, the […]
Europol stated that the well known Emotet Botnet was taken down in association with a multinational law enforcement operation. Law enforcement agencies in the United States, Europe, and Canada controlled the Emotet infrastructure, which is […]
Compliancy Group has certified that Team Keep has passed the compliance requirements of the Health Insurance Portability and Accountability Act (HIPAA). Team Keep is a nonprofit company that offers a safe online document storage service […]
Lake Region Healthcare located in Fergus Falls, Minnesota is having an investigation of a ransomware attack detected on December 22, 2020. The ransomware attack impacted a number of systems of the healthcare company that interrupted […]
2020 ended with healthcare data breach reports at the rate of two each day, which is two times the rate of breach reports last January 2020. There was a 31.9% month over month increase in […]
Ransomware attacks have had a big impact on companies and organizations in the United States, and 2020 was in particular a bad year. Ransomware gangs targeted the healthcare sector, education industry, and federal, state, and […]
Compliancy Group has certified that COPS Monitoring based in Williamstown, NJ, the biggest professional monitoring provider in the United States, has put in place a good HIPAA compliance program. The regulatory requirements of the Health […]
Minnesota South Country Health Alliance based in Owatonna, MN has identified that an unauthorized individual got access to a staff’s email account that held the protected health information (PHI) of 66,874 of its members. The […]
The Federal Bureau of Investigation (FBI) published a Private Industry Advisory regarding the growing number of cases of Egregor ransomware attacks. This ransomware-as-a-service operation was first discovered in September 2020. The attackers behind the Egregor […]
An email security breach at LSU Health University Medical Center-New Orleans led to the probable exposure of the protected health information (PHI) of some patients. LSU Health New Orleans Health Care Services Division earlier announced […]
Custom Internet Services LLC based in Winfield, KS provides Information Technology solutions to small- and medium-sized companies and institutions. It recently received a certification from Compliancy Group confirming that it has implemented an appropriate HIPAA […]
Prestera Center for Mental Health Services, West Virginia’s biggest behavioral health services provider, became aware that an unauthorized person potentially obtained access to the protected health information (PHI) of a small number of its present […]
Compliancy Group has certified Brightside Behavioral Health based in Warwick, Rhode Island to be in compliance with the Health Insurance Portability and Accountability Act (HIPAA) after implementing an efficient HIPAA compliance plan. Brightside Behavioral Health […]
Compliancy Group has certified that Miiskin has achieved Health Insurance Portability and Accountability Act (HIPAA) compliance after completing all required steps to follow the HIPAA rules. Miiskin is a provider of an application and teledermatology […]
2020 was the most awful ever year when it comes to healthcare industry data breaches. There were 616 data breaches involving 500 or more health records documented by the HHS’ Office for Civil Rights. Those […]
The U.S. National Security Agency (NSA) issued a cybersecurity advisory concerning the activity of Russian state-sponsored hacking groups targeting a vulnerability found in VMWare virtual workspaces that is used for performing remote work. The vulnerability […]
Atlantic.net in Orlando, Florida made statements concerning big changes that will help improve its performance, make its billing more accurate, and allow it to deliver better overall customer assistance. The hosting provider currently provides its […]
The DHS’ Cybersecurity and infrastructure Security Agency has created a website offering information about the current cyber activities of the advanced persistent threat (APT) gang behind the compromise of the SolarWinds Orion software supply chain. […]
Compliancy Group has certified that KeyReply, an enterprise SaaS AI chatbot software company, has integrated an appropriate HIPAA compliance program. KeyReply offers a web- and on-premise chatbot and conversational AI tool for the medical care […]
The number of healthcare data breaches reported dropped again last November; however, take note that the number of reported breaches in October 2020 was thrice the average monthly number mostly because of the ransomware attack […]
Meharry Medical College located in Nashville, TN found an email account breach that possibly allowed unauthorized persons to get access or steal the protected health information (PHI) of up to 20,983 patients. Meharry Medical College […]
Jacksonville Children’s and Multispecialty Clinic (JCMC) is now certified as fully HIPAA compliant after completing Compliancy Group’s established HIPAA compliance system. JCMC is operating a number of clinics in the counties of Onslow, New Hanover […]
The Federal Bureau of Investigation (FBI) has released a private industry notice regarding the increasing DoppelPaymer ransomware activity and the threat actors’ change in strategy to compel victims into paying the ransom. DoppelPaymer ransomware first […]
Cedar Springs Hospital based in Colorado Springs, CO is informing some patients regarding the loss of a portable storage unit that had their protected health information (PHI) last October 2020. The hospital gave a copy […]
Horizon Information Systems, Inc based in Johnstown, PA, a software solutions developer serving human service and community action organizations, has received its Health Insurance Portability and Accountability Act (HIPAA) compliance approval from the Compliancy Group. […]
A phishing attack on Tufts Health Plan resulted in the compromise of the protected health information (PHI) of 60,545 members’ of EyeMed, a vision benefits management company. EyeMed uncovered the phishing attack on July 1, […]
GBMC HealthCare located in Towson, MD reported a ransomware attack that happened on December 6, 2020 causing the taking down of its computer network. The healthcare company currently implements EHR downtime protocols while it controls […]
Dental Care Alliance, LLC based in Sarasota, FL, a dental support provider with more than 320 affiliated dental practices in 20 states, was hacked and potentially compromising the protected health information (PHI) of over a […]
Montefiore Medical Center and Mercy Health have reported insider data breaches in the past few days. In both breaches, an employee accessed patient information even if there was no valid work reason for doing so. […]
Researchers at Ben-Gurion University in Israel talked about a potential bioterrorist attack that could jeopardize the synthetic DNA supply chain. DNA synthesis providers may be misled into creating unsafe DNA sequences, skipping present security controls, […]
Four vulnerabilities were identified in the OpenClinic software, the most critical of which could possibly permit unauthorized people to get around authentication and access protected health information (PHI). A lot of private clinics, hospitals, and […]
University of Minnesota Physicians recently experienced a phishing attack that permitted unauthorized people to obtain access to two workers’ email accounts. One email account was accessible from January 30 to January 31, 2020 and the […]
AspenPointe based in Colorado Springs, a provider of mental health and behavioral health services, has reported a cyberattack in September 2020 that resulted in the potential compromise of patient information. Because of the attack, the […]
Compliancy Group has certified Easy Way Delivery Services as Health Insurance Portability and Accountability Act (HIPAA) compliant after demonstrating it has effectively complied with its requirements. The HIPAA Seal of Compliance was awarded to Easy […]
A recent private industry alert from the Federal Bureau of Investigation (FBI) revealed that threat actors that use Ragnar Locker ransomware have increased their attacks and have been choosing businesses and organizations in different sectors […]
The number of reported data breaches to OCR for October is well above average. It was 33.68% less than September’s with 63 reported breaches involving 500 or more records, but it was still 41.82% above […]
The Compliancy Group has certified Daisee, a speech and sentiment analytics software company, as having an efficient HIPAA compliance program. Daisee is an acronym that stands for Deep Artificial Intelligence for Enterprise Ecosystem. The company […]
The biggest eyewear business in the world, Luxottica, had a cyberattack that affected several websites managed by the company. Luxottica is the owner of the popular eyewear brands Persol, Ray-Ban, and Oakley. It produces designer […]
Office 365 users have been cautioned regarding a continuous phishing campaign that collects user credentials. The attackers utilize sophisticated strategies to circumvent email security defenses and social engineering techniques to trick company personnel into going […]
According to Microsoft, Advanced Persistent Threat (APT) groups in North Korea and Russia are directing attacks on companies engaged in COVID-19 research and vaccine development. Three APT groups have targeted six big pharmaceutical companies and […]
A phishing attack affected the Department of Human Services, North Dakota Department of Health, Cavalier County Health District, and other state departments that resulted in the compromise of employee email accounts from November 23 to […]
A ransomware attack on First Impressions Orthodontics, a Professional Dental Alliance of Connecticut PLLC’s subsidiary, occurred on September 28, 2020 that resulted in the potential compromise of the protected health information (PHI) of 23,000 patients. […]
The BD Alaris PC Unit identified a medium severity vulnerability that could be exploited to bring about a denial of service attack and a drop in wireless capacity. Medigate discovered the vulnerability and reported it […]
The TrickBot botnet is being used to conduct a new phishing campaign that delivers the Buer loader and Bazar backdoor malware. Researchers at Area 1 Security detected the campaign that has been operating since early […]
RevoluIT based in Frankfort, IL is an IT and small business consulting company serving the healthcare industry was certified as compliant with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) after taking […]
Ransom Demands Continue to Increase The Coverware Quarterly Ransomware report for Q3 2020 reveals that the average ransom demand progressively increased during the last 8 quarters, though the quarterly growth was more significant every quarter […]
Coveware has published its Quarterly Ransomware report for the third quarter of 2020 and featured the hottest ransomware attack developments. The report notes that data exfiltration before deploying the ransomware remains a well-liked tactic. About […]
An unauthorized person had accessed the email account of an employee of Centerstone, which provides mental health and substance use disorder treatment services in Illinois, Indiana, Florida and Tennessee. Centerstone detected strange activity in the […]
computer systems remained offline, it is still providing patient care. The hospital’s emergency and urgent care departments are open and are fully operational. Most scheduled elective procedures will proceed as scheduled. Right now, while the […]
Compliancy Group made an announcement that health tech start-up BIONWORKS has attained compliance with the Health Insurance Portability and Accountability Act (HIPAA) requirements. BIONWORKS develops an advanced ML-driven enterprise mobility software program for the healthcare […]
The coronavirus pandemic has triggered a significant increase in healthcare providers extending telehealth services to individuals. Virtual consultations are being made available to minimize the number of individuals traveling to hospitals and clinics to restrict […]
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) have given an advisory regarding elevated Ryuk ransomware activity directed at the public […]
On October 11, 2020, Sonoma Valley Hospital based in California encountered a computer security breach that resulted in the shutdown of its computer systems, hence “a significant downtime event” occurred. The hospital went ahead with […]
LuxSci, a provider of HIPAA-compliant email communications services based in Massachusetts, has reported that it has gotten HITRUST CSF Certification. The HITRUST Common Security Framework (CSF) is an all-inclusive, certifiable platform for companies that generate, […]
September is awful in terms of data breaches. HIPAA-covered entities and business associates reported 95 data breaches involving at least 500 records. The increase in breaches is 156.75% compared to last August 2020. There wasn’t […]
© Copyright 2003 to 2021 Calculated HIPAA