A previous patient of Northwestern Memorial HealthCare (NMHC) filed a lawsuit against Elekta Inc. regarding its ransomware attack and security breach last April 2021. Many U.S. healthcare providers are business associates with Elekta, a Swedish […]
Californian healthcare provider San Diego Health is facing multiple class-action lawsuits over a data breach impacting the protected health information (PHI) of 496,949 patients. San Diego Health discovered suspicious activity in the email accounts of […]
Two DuPage Medical Group patients are taking legal action against the healthcare provider right after a July 2021 ransomware attack through which patients’ protected health information (PHI) was compromised. DuPage Medical Group experienced the ransomware […]
The U.S. Department of Justice reported that a federal court in the Eastern District of Texas has sentenced a Texas lady to serve 30 months in federal prison for committing a conspiracy to acquire protected […]
The pharmacy and supermarket company Kroger has offered to pay $5 million to settle lawsuits which the victims of a data breach filed because their personal data and protected health information (PHI) were exposed. Kroger […]
Two former patients filed a class-action lawsuit against BJC HealthCare in relation to an email data breach in March 2020, but the lawsuit has made it through two motions to dismiss. Bradley Dean Taylor and […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool that organizations can use to evaluate how effectively they are prepared to protect against and recuperate from a ransomware attack. The threat […]
An ex-employee of Aultman Health Foundation viewed 7,300 patient information with no permission for nearly 12 years prior to the discovery of the HIPAA violation. The employee was given access to patient information to carry […]
In October 2020, Mayo Clinic reported that a former employee was found to have committed impermissible access to the health records of roughly 1,600 patients. Based on a statement released by the Mayo Clinic, the […]
The Chief Operating Officer of an IT security agency is facing a lawsuit due to a financially driven cyberattack on Gwinnett Medical Center based in Lawrenceville, GA last September 2018. Vikas Singla, aged 45, of […]
The health insurance and healthcare provider Humana in Louisville, KY and its business associate Cotiviti are confronted with legal action due to a data breach identified in late December 2020. On May 26, 2021, a […]
In September 2020, Nebraska Medicine and the University of Nebraska Medical Center found out that their systems were hacked and downloaded with malware allowing the hackers access to the protected health information (PHI) of approximately […]
The HHS’ Office for Civil Rights has reached a settlement with The Diabetes, Endocrinology & Lipidology Center, Inc. (DELC) to resolve a potential violation of the HIPAA Right of Access. This is OCR’s 8th financial […]
There has been a great deal of uncertainty regarding the case of inquiring somebody if they have gotten a COVID-19 vaccine. Does it constitute a HIPAA violation, particularly with regards to employers asking their staff […]
Universal Health Services (UHS) is facing a lawsuit associated with a 2020 data breach; but, the lawsuit proceeded only for one of the patients identified on the lawsuit. UHS manages approximately 400 hospitals and care […]
The Pennsylvania Department of Health and also its COVID-19 contact tracing provider are getting sued because of a breach of the personal and medical information of 72,000 Pennsylvanians. Insight Global and the Department of Health […]
Einstein Healthcare Network, a health system based in Philadelphia, is dealing with a class-action lawsuit associated with an August 2020 phishing attack that enabled an unauthorized person to access several employee email accounts. Einstein Healthcare […]
The healthcare data breaches reported in March increased by 38.8%. There were 62 breaches involving at least 500 records reported to the HHS’ Office for Civil Rights, the majority of which were hacking incidents. The […]
The Ventura County District Attorney directed Adventist Health Physicians Network located in Simi Valley, California to pay civil momentary penalties worth $40,000 for a civil privacy settlement resolving a patient privacy breach that impacted 3,797 […]
Roper St Francis Healthcare is confronted with a class action lawsuit associated with an October 2020 data breach wherein patient information was purportedly stolen. The lawsuit alleges negligence for not protecting patients’ private information. From […]
Med-Data Inc., a revenue cycle management services vendor based in Spring, TX, has given confirmation that the protected health information (PHI) of patients of some of its clients were loaded to GitHub, an open-source software […]
The HHS’ Office for Civil Rights has reported reaching a settlement with Village Plastic Surgery based in Ridgewood, NJ to resolve potential HIPAA Right of Access violations. Based on the conditions of the settlement, Village […]
The Arizona Supreme Court revived a HIPAA violation legal case that a man from Phoenix filed because of a privacy violation by a pharmacy worker associated with an erectile dysfunction medicine prescription. Greg Shepherd, aged […]
Cochise Eye and Laser, an ophthalmology and optometry company located in Sierra Vista, AZ, had a ransomware attack on January 13, 2021 and saw the encryption of its patient booking and billing application. Due to […]
The number of healthcare data breaches involving 500 or more records in January 2021 decreased by 48% month-over-month. There were 32 data breaches reported in January compared to December’s 62. Although this is below the […]
Wilmington Surgical Associates located in North Carolina is dealing with a class suit due to a Netwalker ransomware attack that resulted in a data breach last October 2020. In most ransomware attacks today, data files […]
The court has given preliminary approval of a settlement proposal by 21st Century Oncology to take care of a November 2020 class-action lawsuit. The class-action lawsuit was submitted in District Court for the Middle District […]
The Conti ransomware gang has left a big set of healthcare information online that was presumably taken from Leon Medical Centers based in Florida and Nocona General Hospital based in Texas. Leon Medical Centers experienced […]
Two personnel of the Department of Veteran Affairs’ (VA) information technology allegedly made false representations regarding the privacy and security risks of a huge data AI project involving the VA and a private firm that […]
The contract of Philly Fighting COVID to distribute COVID-19 vaccines in Philadelphia city with the Philadelphia Department of Public Health was ended following accusations that the organization’s privacy policies potentially allowed the purchase of private […]
A recent study printed in the Journal of the American Medical Informatics Association (JAMIA) revealed that information blocking by electronic health record (EHR) vendors remains remarkably rampant in spite of recent policymaking that forbids information […]
The HHS’ Office for Civil Rights (OCR) is moving forward with its efforts to catch healthcare companies that fail to provide patients with prompt access to their healthcare records. OCR recently announced a settlement reached […]
Twitter is penalized with €450,000 ($544,600) for violating the EU’s General Data Protection Regulation (GDPR). The Data Protection Commission (DPC) in Ireland issued the fine in connection with Twitter’s privacy breach report to the DPC […]
Kalispell Regional Healthcare based in Montana has offered a $4.2 million settlement deal to take care of a lawsuit filed on behalf of victims associated with a data breach that was reported in October 2019. […]
OCR imposed more financial penalties on HIPAA covered entities and business associates this 2020 than any year since OCR got authorized by the HIPAA Enforcement Rule to issue financial penalties on non-complying entities. As of […]
The U.S. Department of Health and Human Services’ Office for Civil Rights just issued the 10th financial penalty covered by the HIPAA Right of Access enforcement initiative. Riverside Psychiatric Medical Group based in California has […]
The Information Commissioner’s Office (ICO), the United Kingdom’s data protection authority, has enforced a £18.4 million ($23.8 million) financial fine on Marriott International for violating the EU’s General Data Protection Regulation (GDPR). The ICO had […]
Aetna Life Insurance Company and the associated covered entity (Aetna) has decided to resolve several potential HIPAA violations that the Department of Health and Human Services’ Office for Civil Rights (OCR) found in the course […]
Before September, the HHS’ Office for Civil Rights only issued three financial penalties on covered entities and business associates over HIPAA violations. Yet, in September, there was a squall of notices regarding HIPAA settlements when […]
Community Health Systems located in Franklin, TN, and its subsidiary CHSPCS LLC agreed to settle a multi-state action with 28 state attorneys general by paying out $5 M. An investigation directed by Tennessee Attorney General […]
The 12th HIPAA penalty of 2020 has been reported by the Department of Health and Human Services’ Office for Civil Rights (OCR). It is the 8th under the HIPAA Right of Access enforcement initiative since […]
A healthcare employee who was charged with violation of patient privacy and the Health Insurance Portability and Accountability Act (HIPAA) Rules was cleared of any violation after the federal law enforcement’s investigation. The said employee […]
Health insurer Anthem Inc. based in Indianapolis, IN has settled its multi-state actions filed by state attorneys general in relation to its 2014 78.8 million record data breach. One settlement deal for $39.5 million was […]
People affected by the recent data breaches that occurred at Blackbaud and Assured Imaging took legal action for the compromise and theft of their personal data and protected health information (PHI). Several Lawsuits Filed in […]
Montefiore Medical Center in Bronx, New York has dismissed a worker due to the supposed theft of the protected health information PHI of around 4,000 patients. Montefiore learned about the possible internal data breach in […]
HealthAlliance Hospital and its health record management vendor, Ciox Health, are facing a lawsuit for refusing to give a widow the medical records of her deceased husband. In October 2020, the husband of Sherry Russell, […]
Konica Minolta Healthcare Americas Inc. is going to pay $500,000 as a financial penalty to bring to an end a case against Viztek LLC, its ex-subsidiary, to take care of False Claims Act violations in […]
A law company is filing a lawsuit against Medical Records Online (MRO), a healthcare release-of-information solution provider, for charging too much on law companies and insurance companies when furnishing electronic copies of patients’ health records. […]
In December 2019, the Department of Health and Human Services’ Office for Civil Rights had two more enforcement actions taken against covered entities that were found to have broken the HIPAA Regulations. The first financial […]
A man from Georgia is charged over a complex plan to frame up a friend for violating the Health Insurance Portability and Accountability Act (HIPAA) that did not transpire. Jeffrey Parker, 43 years old, from […]
Ann & Robert H. Lurie Children’s Hospital of Chicago, which is a pediatric specialty hospital, found out that an ex-employee accessed certain patients’ medical records without having an authorized work reason. The employee’s unauthorized action […]
Solara Medical Supplies is confronted with a lawsuit involving a data breach in June 2019 resulting in the exposure of the protected health information (PHI) of over 114,000 customers and the potential data theft by […]
Kalispell Regional Healthcare based in Montana is getting sued as a consequence of a phishing attack that made it possible for hackers to get access to the email accounts of employees that have the protected […]
The 8th HIPAA financial penalty of 2019 has been announced by the Department of Health and Human Services’ Office for Civil Rights (OCR). Sentara Hospitals has made an agreement to pay a penalty of $2.175 […]
Google has affirmed the news of its partnership with one of the biggest U.S. healthcare systems so that it could access a substantial volume of patient information. Google partnered with Ascension, which is the world’s […]
Aegis Medical Group, a physician group in Florida, began informing 9,800 patients regarding the potential access of their protected health information (PHI) by a former employee. Allegedly, that person tried to sell patient data to […]
A group of 81 female patients of Sharp HealthCare and Sharp Grossmont Hospital have filed a lawsuit against the facility for severe breaches in patient privacy. The lawsuit alleges that the hospital secretly recorded video […]
A patient who found her discovered that her private medical information was available on social media platforms is suing the Northwestern Medicine Regional Medical Group for PHI exposure. Earlier this month, Gina Graziano discovered that […]
The University of Washington is alerting nearly a million patients of a data breach that resulted in unauthorised individuals being able to access their protected health information (PHI) through search engines online. The error was […]
Sharecare Health Data Services has reported that an unauthorised individual gained access to sensitive information stored in their systems. Sharecare Health Data Services (SHDS), based in San Diego, provides secure electronic exchange and medical records […]
Columbia Surgical Specialists have announced a ransomware attack on their facility has potentially compromised the PHI of up to 400,000 patients. Columbia Surgical Specialists (CSS), based in Spokane, Washington, discovered the attack on January 9, […]
Kentucky Counselling Center has announced that a data breach has resulted in the exposure of 16,440 patient data files. On January 4, 2019, a former employee notified Kentucky Counselling Center (KCC) that they had received […]
Drupal has released an update which corrects a critical vulnerability in the Drupal CMS. Drupal is a free and open-source content management framework and provides the back-end framework for approximately 2.3% of websites worldwide. The […]
Researchers at Carbon Black have identified a new Shlayer malware variant that targets Mac computers running MacOS versions 10.10.5 to 10.14.3. The researchers first identified the OrA new Shlayer malware variant a year ago. Mac […]
A new Business Email Compromise (BEC) attack targeting high-level executives has been identified. BEC campaigns are a form of phishing attack in which the cybercriminal impersonates a high-ranking member of an organisation, such as CEO […]
Aetna has agreed to pay the California Attorney General $935,000 for a 2017 breach which resulted in the exposure of the HIV status of 1,991 Californian residents. In July 2017, Aetna, a health insurer based […]
A Georgia-based paediatric cardiologist was sentenced to 6 months’ probation after pleading guilty to violating HIPAA legislation by disclosing patient PHI to an unauthorised organisation. Dr Eduardo Montana, 55, plead guilty at the Department of […]
The results of an investigation into a data breach at SingHealth, Singapore’s largest health network, highlight the importance of even the most basic cybersecurity practices for organisations across the globe. The data breach at SingHealth […]
A cybersecurity blog has reported that a new vishing scam in which the scammer pretends to be an employee of Apple Inc. has been uncovered. Vishing is a less common form of phishing attack. The […]
The San Diego Unified School District has announced that a phishing attack on its network has affected more than half a million of its staff and current and former students. The San Diego Unified School […]
Patients affected by a data security incident at LifeBridge Health in March 2018 have filed a lawsuit against the facility. LifeBridge Health, a nonprofit healthcare corporation in Baltimore, Maryland, discovered that malware had infected one […]
The University of Vermont Health Network has revealed that a data security incident at the facility has affected approximately 32,000 patients. The breach was discovered on October 18, 2018. An unauthorised third-party had gained access […]
The University of Maryland Medical System has recently announced that it has been the victim of a malware attack on its network. The University of Maryland Medical System is a private, not-for-profit corporation that operates […]
The Attorney Generals of a dozen states have filed a lawsuit against Medical Informatics Engineering, a healthcare software and systems developer and NoMoreClipboard, an electronic platform for personal health records. The lawsuit is over the […]
Allergy Associates of Hartford, P.C. (Allergy Associates) has agreed to pay a fine of $125,000 to the Office of Health and Human Services’ Office for Civil Rights to settle alleged violations of the Health Insurance Portability […]
Researchers at Michigan State University and John Hopkins University have released a report containing their analysis of data breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) between October […]
This week, the Centers for Medicare and Medicaid (CMS) has announced an update on the recent HealthCare.gov website breach. Last month, hackers gained access to a health insurance system that interacts with the HealthCare.gov website. […]
Inova Health System, a non-profit health organisation based in Falls Church, Virginia, has announced that it has experienced a data breach. The protected health information (PHI) of over 12,000 of its patients may have been […]
A North Carolina medical center has announced that a phishing attack on its systems has resulted in the protected health information (PHI) of up to 20,000 being compromised. Catawba Valley Medical Center (CVMC), based in […]
The Centers for Medicaid & Medicare Services (CMS) has announced that it was recently the victim of a cyberattack that has resulted in approximately 75,000 consumer records being accessed by unauthorised individuals. On October 13 […]
Claxton-Hepburn Medical Center, which is a not-for-profit community hospital based in Ogdensburg, New York, terminated several employees because they accessed patient medical records even though they do not have authorization to do so. The hospital […]
In April 2018, a 65-year old former gynecologist named Rita Luthra from Massachusetts, Longmeadow, was charged with criminal violation of the HIPAA Privacy Rule and federal investigation obstruction. In September 19, 2018, the judge announced […]
The Massachusetts attorney general fined UMass Memorial Health Care the amount of $230,000 for its HIPAA violations with respect to two data breaches which compromised the protected health information (PHI) of over 15,000 state locals. […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) fined three hospitals the amount of $999,000 for allowing an ABC film crew to shoot a video footage of patients for its Boston […]
The HHS’ Centers for Medicare and Medicaid Services (CMS) investigated Fairview Southdale Hospital, which is located in Edina, MN, because of a supposed patient privacy violation. It was found out that during the psychiatric evaluations […]
The Fetal Diagnostic Institute of the Pacific (FDIP) based in Honolulu, Hawaii was attacked by ransomware on June 30, 2018. This resulted to the installation of a file-encrypting software on a server, which encrypted different […]
The New Mexico Department of Health is checking why the personal health documents of a number of of its patients fell off a truck while being transported from the facility to the safe storage location. […]
The New York Attorney General fined the Arc of Erie County with $200,000 for Violating HIPAA Rules as a result of failing to safeguard its customers’ electronic protected health information (ePHI). The Arc of Erie […]
Dennis and Wayne Russell’s adopted two-year old boy named Keon passed away as a result of accidentally drowning. Soon after the boy was brought to McAlester Regional Health Center, they got a telephone call from […]
OhioHealth’s Grant Medical Center dispatched fax messages containing the protected health information (PHI) of a patient to the wrong person in the last few months. This is a violation of the HIPAA rules and privacy […]
Lincare Inc, a respiratory therapy vendor, consented to pay $875,000 to settle a class-action lawsuit that its employees filed for a breach of their W-2 details. The data breach happened on February 3, 2017 when […]
UnityPoint Health identified a data breach on February 15, 2018 which led to the compromise of 16,429 patients’ protected health information. It seems that the data breach happened as a result of the failure of […]
The Department of Justice (DOJ) does not pursue many criminal penalties for HIPAA violations. But in cases of serious patient privacy violation, such as when the protected health information (PHI) is impermissibly disclosed with malicious […]
A former employee of Texas Health and Human Services Commission (HHSC) got hold of the protected health information of about 100 patients after being terminated from work. She had collected personal items from her old […]
A 31-year old former receptionist named Annie Vuong worked at a New York dental practice where she stole the protected health information of over 650 patients. She was sentenced to spend 2 to 6 years […]
The New Jersey Attorney General’s Office financially penalized Virtua Medical Group for its failure in protecting the privacy of over 1,650 patients. The protected health information of the patients was exposed because of a misconfigured […]
The protected health information of some patients and payment guarantors were compromised because the unencrypted laptop computer that Clinical Pathology Laboratories Southeast Inc (CPLSE) issued to an employee was stolen. CPLSE took immediate action so […]
QuadMed, a medical, fitness, physical therapy, laboratory and pharmacy services provider based in Wisconsin, sent notification letters by mail to 9,854 patients informing them that their PHI was potentially viewed without authorization during a privacy […]
BJC Healthcare, a non-profit healthcare system, runs two nationally recognized hospitals in St. Louis, Missouri namely St. Louis Children’s Hospital and Barnes-Jewish Hospital plus 13 other hospitals. It has over 31,000 employees, admits more than […]
The legal firm Salem and Green, a business associate of Sutter Health, had a phishing attack resulting in exposure of the protected health information of certain patients. A staff of Salem and Green received a […]
© Copyright 2003 to 2021 Calculated HIPAA