Mailing Error at CMS Vendor Impacts 10,000 Medicare Beneficiaries The Centers for Medicare & Medicaid Services (CMS) has began informing a number of Medicaid beneficiaries regarding an impermissible disclosure of their protected health information (PHI) […]
Monthly data breach reports include data breaches involving 500 and up records that were reported each month to the Department of Health and Human Services’ Office for Civil Rights (OCR). The monthly reports show the […]
109K-Record Data Breach at Online Alcohol Counseling Service Provider Alcohol addiction and treatment service provider Monument Inc. based in New York recently informed about 109,000 persons regarding an impermissible disclosure of their personal data and […]
In the last 12 months, there is an increase in ransomware and phishing attacks on companies. Costs related to such attacks also increased. According to IBM Security, in 2022, the data breach average cost is […]
Over the past three months, the number of healthcare data breach reports has remained somewhat the same. February just had a little increase in breaches with 43 data breaches involving at least 500 records reported […]
3,100 Patients Records Impermissibly Viewed by Beacon Health System Employee Beacon Health System (BHS) based in South Bend, IN reported that an employee accessed the health records of 3,117 patients without valid work reason. BHS […]
Rehmann is Certified as HIPAA Compliant The fully integrated professional advisory and resource management company, Rehmann based in Troy, MI, was lately certified as fully compliant with the federal requirements of the HITECH Act and […]
HHS Restructuring Needed to Increase Efficiency of HIPAA Enforcement The U.S. Department of Health and Human Services (HHS) has restructured its Office for Civil Rights (OCR) and has established new divisions that are going to […]
January is often a quiet month for healthcare data breaches and January 2023 was no different. There were 40 data breaches involving 500 and up records reported to the HHS’ Office for Civil Rights. The […]
Digital marketing agency, Rise Interactive Media & Analytics, LLC, based in Illinois recently reported that attackers acquired access to its digital platform on November 14, 2022, and possibly viewed or extracted the information of a […]
At the end of January, the U.S. Department of Labor Occupational Safety and Health Administration (OSHA) issued new enforcement guidance that lets the agency take a more aggressive position on critical violations of the Occupational […]
Blackberry has lately released its Global Threat Intelligence Report, which gives useful and contextualized intelligence that may be employed to enhance cyber strength. The report used information gathered by Blackberry and threat intelligence furnished by […]
BayCare Clinic Reported Data Breach Related to Pixel The healthcare provider BayCare Clinic, LLP based in Wisconsin lately reported that the protected health information (PHI) of around 134,000 patients was impermissibly disclosed to unauthorized third […]
Using AI in healthcare has a lot of advantages, such as the acceleration of drug creation and the analysis of medical images. However, the same AI systems that help healthcare can likewise be employed for […]
ADEC Innovations Healthcare was just certified as fully compliant with all pertinent terms of the HIPAA Security, Privacy, Omnibus, and Breach Notification Rules, and the HITECH Act. As a service provider to the healthcare sector, […]
Although it is hard to get exact information on the number of ransomware attacks being done on healthcare companies, the available information indicates a drop in attacks throughout all industries when compared to the number […]
There are fewer reported healthcare data breaches for two consecutive months. December 2022 had 40 data breaches involving 500 and up healthcare records, which is the lowest monthly number in 2022. The reported healthcare data […]
Healthcare ransomware attacks have increased twofold in the past 5 years, file recovery from backups has dropped, and it is now usual for information to be stolen and released to the public right after a […]
Heartland Alliance located in Chicago, IL, a social justice and human rights organization, announced on December 15, 2022, that it experienced a cyberattack. The organization discovered the security breach on January 26, 2022, and took […]
In June 2022, it was reported that Fitzgibbon Hospital based in Marshall, MO suffered a ransomware attack, which the DAIXIN Team threat group claimed responsibility for. According to the group’s spokesperson, the hospital’s systems were […]
Many ransomware attacks are still carried out on healthcare companies, however, finding out the magnitude to which healthcare providers are being attacked by ransomware groups is a difficult task. Ransomware attack victims do not usually […]
November had 31% fewer healthcare data breaches reported compared to October 2022. November had a total of 49 breaches involving 500 and up records, which is below the 58 breaches per month 12-month average. In […]
Plaintiffs in a consolidated class action lawsuit against Meta lately sought an injunction versus Meta to make the company discontinue accumulating and transmitting information gathered from the sites of healthcare companies via Meta Pixel tracking […]
Midwest Orthopaedic Consultants based in Illinois has reported that unauthorized persons accessed its computer system and encrypted files using ransomware. The healthcare provider detected the cyberattack on September 29, 2022, and took steps right away […]
Avem Health Partners based in Oklahoma City provides healthcare companies with administrative and technology services. It recently began informing its healthcare clients regarding a data breach that happened at 365 Data Centers, its vendor. 365 […]
Citrix Application Delivery Controller (ADC) and Citrix Gateway users are advised to see and ensure that their systems aren’t prone to a critical unauthenticated remote code execution vulnerability that a highly capable Chinese advanced persistent […]
Occupational health services provider, Work Health Solutions based in San Jose, CA, has reported the exposure and potential theft of the protected health information (PHI) of 13,157 persons by unauthorized people who got access to […]
The private data of people visiting telehealth websites is being disclosed to big tech firms without the consent of the user because of the tracking code snippets added to websites, based on a recent review […]
San Gorgonio Memorial Hospital based in California and Receivables Performance Management based in Washington recently reported data breaches. The latter’s data breach has impacted more than 3.7 million persons. Receivables Performance Management Receivables Performance Management […]
Mobile health applications creators may need to comply with certain government legislation such as the Children’s Online Privacy Protection Act (COPPA), FTC Health Breach Notification Rule, Federal Food, Drug and Cosmetics Act (FD&C Act), FTC […]
LastPass has announced that hackers acquired access to a third-party cloud storage solution that held customer information, though there was no compromise of user passwords. The hacking incident is associated with the data breach that […]
A team of 10 state Attorney Generals lately sent a letter to Apple CEO, Tim Cook, telling the company to use tougher privacy and security settings for programs accessible via the Apple App Store that […]
There was a small decrease in ransomware attacks in Q3, but it is too soon to say whether that decreasing trend will go on. Despite the decrease in attacks, ransomware continues to be the main […]
Hope Health Systems Inc. (HHS) based in Woodlawn, MD has just reported that it suffered a ransomware attack. The healthcare provider detected the attack on June 20, 2022, and engaged third-party forensics specialists to look […]
Gateway Rehabilitation Center (Gateway Rehab) based in Pennsylvania recently reported that it encountered an incident causing access problems to selected systems. Gateway Rehab detected the incident on June 13, 2022 and took quick action to […]
Wright & Filippis, the prosthetics, orthotics, and accessibility service provider based in Rochester Hills, MI has just reported that it encountered a ransomware attack on its system. The attack happened from January 26 to January […]
There was a worldwide upsurge in cyberattacks in Quarter 3 of 2022. Attacks increased by 28% in contrast to the same period in 2021. Attacks today occur at an average rate of 1,130 every week, […]
Compliancy Group has recently confirmed that dentistry practice Dental Oasis, (Inku & Myung Dental Inc.) based in Inglewood, CA has an efficient HIPAA compliance program. Dental practices are categorized as covered entities according to the […]
Salud Family Health Gives Latest News on September 2022 Ransomware Attack Salud Family Health based in Colorado, a Federal Qualified Health Center (FQHC), just gave the latest information on a cyberattack that happened in September […]
Governor Tom Wolf of Pennsylvania just approved Senate Bill 696. The bill broadens the definition of personal information that is covered in the Breach of Personal Information Notification Act which requires the issuance of notifications […]
CommonSpirit Health has just given news updates about the development of its recovery effort in response to the October 2022 ransomware attack that impacted numerous services throughout its network. The health system discovered the attack […]
The Health Sector Cybersecurity Coordination Center (HC3) has lately provided information on the tactics, techniques, and procedures related to Venus ransomware attacks. It gave a number of tips about mitigations that healthcare groups can carry […]
CommonSpirit Health has lately given an announcement about the development that has been done in recouping from a ransomware attack in October 2022 that impacted a lot of services throughout its network. The health system […]
A number of anesthesia service providers have reported that they were impacted by a data breach encountered by their management services organization (MSO). In October, 13 anesthesia services providers to hospitals were impacted by the […]
President Biden proclaimed November to be observed as Critical Infrastructure Security and Resilience Month. It is a month focused on increasing understanding of the requirement to enhance critical infrastructure and toning up the strength of […]
The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has published a YouTube video that tells at length how the HITECH Act amendment in 2021 concerning “Recognized Security Practices” is applicable […]
Passwords are an affordable and easy way of authentication. Although passwords offer a high level of security, the fact is that they are a weak spot that threat actors frequently exploit to acquire access to […]
Private practice Neurology MIND Care PLLC based in Merrick, NY offers cognitive behavioral neurology and dementia consultation services. Compliancy Group recently certified Neurology MIND Care as having an effective HIPAA compliance program. Because Neurology MIND […]
The U.S. government is working on enhancing critical infrastructure cybersecurity. The White House has chosen the healthcare, communications, and water sectors as the next priority areas. The White House is about to release new guidance […]
VisionWeb Holdings based in Austin, TX, a company providing the eye care industry with Internet-delivered software solutions for enhancing practice efficiency, lately submitted a data breach report to the HHS’ Office for Civil Rights indicating […]
Cybercriminals extensively target the healthcare industry in order to access healthcare networks for a variety of nefarious uses. Why are healthcare records remarkably valuable to criminals? Hackers do a lot to gain access to healthcare […]
Radiology Associates of Albuquerque (also known as RAA Imaging/Advanced Imaging, LLC) has lately informed patients about the theft of some of their protected health information (PHI) in a cyberattack that was discovered over A year […]
Aesthetic Dermatology Associates based in Pennsylvania has lately confirmed that unauthorized individuals accessed its network and possibly viewed and/or obtained files that contain the personal data and protected health information (PHI) of 33,793 present and […]
Cardiac Imaging Associates based in Los Angeles, CA, has found out that an unauthorized person got access to the email account of an employee. The healthcare provider discovered the incident in April 2022, and took […]
Cytometry Specialists, Inc., conducting business as CSI Laboratories based in Alpharetta, GA, has lately reported that an unauthorized person accessed the email account of a worker and could have seen or acquired the protected health […]
CommonSpirit Health is dealing with a data security incident that has impacted a lot of its healthcare services. Based on an October 4, 2022 statement released by the health system, IT systems were inaccessible online […]
Managed services provider (MSP) CGuilbert Technologies based in Milwaukee, WI provides managed IT solutions to the healthcare and education industries. It recently confirmed taking the needed steps to be in compliance with the HITECH Act […]
Microsoft was cautioned about the exploitation in the wild of two zero-day vulnerabilities in Microsoft Exchange Server. It has discussed mitigations prior to the patching of the vulnerabilities. The two vulnerabilities are being linked together […]
A warning was released to the healthcare and public health (HPH) community regarding a Monkeypox phishing campaign attacking U.S. healthcare providers that tries to steal Office 365, Outlook, and other email account credentials. Monkeypox is […]
Google Meet is an innovative VoIP and videoconferencing program that healthcare providers can use to deliver telehealth services, remote consultation services, and virtual patient sessions. However, is Google Meet compliant with HIPAA? Google Meet is […]
The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has informed 38,765 patients about the potential compromise of some of their protected health information (PHI) in a cyberattack that happened approximately on July 11, 2022. […]
The Federal Bureau of Investigation (FBI) has released a TLP:WHITE Private Industry Notification notifying about persistent cybercriminal efforts attacking healthcare payment processors that endeavor to direct victim payments to accounts controlled by the attackers. These […]
The Federal Bureau of Investigation (FBI) has given a private industry notification alert concerning the growing number of vulnerabilities in healthcare devices. When medical devices aren’t immediately patched and are operating on obsolete programs, malicious […]
Emerging technologies could transform the healthcare sector. Although there are lots of potential advantages, these technologies could bring risks that can endanger patient privacy and security. When vulnerabilities aren’t appropriately dealt with, threat actors can […]
Rapid 7 researchers found four vulnerabilities in Baxter and Sigma Spectrum infusion pumps. These devices are employed to supply patients with medications and nutrition. These TCP/IP enabled-devices are typically linked to healthcare networks. Vulnerabilities can […]
RabbitSign based in Palo Alto, CA. is now certified by Compliancy Group’s compliance specialists as providing a free-to-use, unlimited e-signing solution that is compliant with the HIPAA Rules. RabbitSign was created at the time of […]
The HHS’ Office of Inspector General (OIG) has required the Health Resources and Services Administration (HRSA) to enhance supervision of the cybersecurity of the Organ Procurement and Transplantation Network (OPTN). The OPTN is a nationwide […]
Five vulnerabilities were found in CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor of Contec Health. A threat actor could exploit the vulnerabilities to carry out a denial-of-service attack, gain access to a root shell, […]
CorrectHealth Notifies 54,000 Patients About the Email System Breach in November 2021 CorrectHealth based in Alpharetta, GA is sending notifications to patients regarding a breach of its email accounts. The security breach was identified on […]
The Health Sector Cybersecurity Coordination Center (HC3) is alerting the healthcare and public health sector (HPH) regarding one of the ablest and hostile cybercrime syndicates presently active – Evil Corp. The group works from Russia […]
EmergeOrtho, an orthopedic practice in North Carolina, has just informed 75,200 patients that unauthorized individuals accessed some of their protected health information (PHI). As per the substitute breach notice posted by EmergeOrtho, the practice detected […]
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released an alert to the Healthcare and Public Health Sector (HPH) regarding a fairly new ransom threat group named Karakurt, which […]
Onyx Technologies based in Largo, MD, a company offering Information Technology and Consulting Services and a vendor of Independent Care Health Plan (iCare), recently informed 96,814 health plan members about the potential compromise of some […]
July 2022 had 66 healthcare data breaches affecting 500 and up records reported to the Department of Health and Human Services Office for Civil Rights. This figure is 5.71% less than the 70 data breach […]
Practice Resources based in Syracuse, NY provides billing and other professional services. It encountered a data breach that affected the data of 942,138 persons. The breach notification provided to the California Attorney General indicated that […]
The health plan provider Priority Health based in Michigan has reported that it was affected by a data breach that occurred at a business associate, the law agency Warner Norcross & Judd (WNJ). Steps were […]
The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a joint security advisory concerning the extensive attack on organizations in the healthcare and medical sectors by the […]
The American Data Privacy and Protection Act (ADPPA) presented in June was considerably revised in just a few days. Then, last month there was a new draft of ADPPA law presented having more changes. The […]
Zenith American Solutions, the Sound Health and Wellness Trust’s third-party manager, recently advised people regarding a mailing error that compromised their Social Security numbers of the people. Based on the breach notification, the company sent […]
Additional information was recently published regarding two cyberattacks on healthcare companies: Behavioral Health Group and Goodman Campbell Brain and Spine. Behavioral Health Group Reports Potential Compromise of Patient Data in December 2021 Cyberattack Behavioral Health […]
Fast Track Urgent Care, an urgent healthcare clinic network in Florida, has announced that the protected health information (PHI) of 258,411 persons was exposed and possibly stolen due to a ransomware attack on PracticeMax, a […]
Meta is dealing with one more class action lawsuit because of the illegal collection and disclosure of health information with no content. The Northern District of California received the filed lawsuit on behalf of the […]
A big data breach was reported that has impacted many healthcare, senior living and rehabilitation centers in Arizona, Oregon, Nevada, Colorado, Utah, and Washington, which are managed by organizations that belong to the group Avamere […]
Almost all Americans are confident regarding their understanding of cybersecurity as per the latest AT&T study of 2,000 People in America. Nevertheless, bad cyber hygiene and poor password strategies remain a usual thing. OnePoll performed […]
Cybercriminals are increasingly attacking business associates of HIPAA-covered entities because of the ease of accessing the systems of a number of healthcare providers. To help healthcare delivery organizations (HDOs) manage the situation, the Cloud Security […]
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released information to assist healthcare companies to be protected against web application attacks. In recent years, web applications have increased in […]
Blue Cross and Blue Shield of Massachusetts (BCBSofMA) has just confirmed that a data breach at a business associate resulted in the exposure of the protected health information (PHI) of a number of its health […]
In June 2022, 70 healthcare data breaches involving 500 or higher records were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR). This number is two less than May and […]
The National Institute of Standards and Technology (NIST) has made updates to its guidance for HIPAA-covered entities on enforcing the HIPAA Security Rule to better secure patients’ personal data and protected health information (PHI). The […]
A new Phishing by Industry Benchmarking Report showed that giving security awareness training to the employees considerably lowers risks to phishing attacks. KnowBe4 conducted the study to find out how helpful security awareness training is […]
Eric G Piasick D.M.D. has utilized the exclusive HIPAA methodology of Compliancy Group and was certified to be in compliance with the HIPAA Guidelines and the HITECH Act. Under the Health Insurance Portability and Accountability […]
All Trans Software Inc based in Ramsey, MN, which provides transportation vendors with Non-Emergency Medical Transportation (NEMT) software solutions, is certified to have put in place an efficient HIPAA compliance program according to the Compliancy […]
The HHS’ Office for Civil Rights has lately released guidance to healthcare companies after the overturning of Roe v. Wade subsequent to the SCOTUS Dobbs v. Jackson Women’s Health Organization judgment, which took away the […]
The Federal Bureau of Investigation (FBI), the Department of the Treasury, and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint security advisory to the healthcare and public health industry about the risk of Maui […]
Google has stated that it is going to take steps to improve privacy protections for end users of its services. Google has always recommended an extensive, national privacy law covering consumer data to make sure […]
The Department of the Treasury, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Financial Crimes Enforcement Network (FinCEN) have released a joint cybersecurity warning regarding the MedusaLocker ransomware. The MedusaLocker […]
Senators Cory Booker (D-NJ), Ron Wyden (D-OR), and Elizabeth Warren (D-MA) have written to two prominent mental health app companies and sought responses regarding their practices on data collection and sharing. There were several reports […]
The Government Accountability Office (GAO) has advised the Department of Health and Human Services (HHS) to create a feedback system to enhance the efficiency of its data breach reporting procedure. The Health Information Technology for […]
The software-as-a-Service company Podium based in Lehi, UT offering business text messaging services for local companies has been certified as HIPAA compliant by Compliancy Group. Podium is redefining how patients connect with their local healthcare […]
Acorda Therapeutics Reports Email Account Breach The biotechnology firm Acorda Therapeutics based in Ardsley, NY reported that an unauthorized third party acquired access to its email system and possibly viewed email messages and file attachments […]
© Copyright 2003 to 2022 Calculated HIPAA