Calculated HIPAA

A Calculated Approach to HIPAA Compliance

  • HIPAA Violation News
  • HIPAA Updates
  • HIPAA Advice
  • HIPAA Compliance
    • HIPAA Law
  • HIPAA Violations
  • HIPAA Training
  • HIPAA Penalties
HomeHIPAA Violation News

HIPAA Violation News

Healthcare Data Breach Report in January 2021

February 24, 2021 Site Editor

The number of healthcare data breaches involving 500 or more records in January 2021 decreased by 48% month-over-month. There were 32 data breaches reported in January compared to December’s 62. Although this is below the […]

Class Action Lawsuit Filed Against Wilmington Surgical Associates Over Netwalker Ransomware Attack

February 23, 2021 Site Editor

Wilmington Surgical Associates located in North Carolina is dealing with a class suit due to a Netwalker ransomware attack that resulted in a data breach last October 2020. In most ransomware attacks today, data files […]

21st Century Oncology Data Breach Settlement Gets Preliminary Approval

February 17, 2021 Site Editor

The court has given preliminary approval of a settlement proposal by 21st Century Oncology to take care of a November 2020 class-action lawsuit. The class-action lawsuit was submitted in District Court for the Middle District […]

Ransomware Gang Dumps Information Stolen from Two U.S. Healthcare Organizations

February 16, 2021 Site Editor

The Conti ransomware gang has left a big set of healthcare information online that was presumably taken from Leon Medical Centers based in Florida and Nocona General Hospital based in Texas. Leon Medical Centers experienced […]

Two VA Employees Covered Up Privacy and Security Risks of Data Project with Flow Health

February 4, 2021 Site Editor

Two personnel of the Department of Veteran Affairs’ (VA) information technology allegedly made false representations regarding the privacy and security risks of a huge data AI project involving the VA and a private firm that […]

Philadelphia Department of Public Health Terminates Vaccine Distribution Contract Due to Alleged Privacy Violations

February 2, 2021 Site Editor

The contract of Philly Fighting COVID to distribute COVID-19 vaccines in Philadelphia city with the Philadelphia Department of Public Health was ended following accusations that the organization’s privacy policies potentially allowed the purchase of private […]

Study Shows Most EHR Vendors are Invovled in Information Blocking Tactics

January 26, 2021 Site Editor

A recent study printed in the Journal of the American Medical Informatics Association (JAMIA) revealed that information blocking by electronic health record (EHR) vendors remains remarkably rampant in spite of recent policymaking that forbids information […]

Banner Health Fined $200,000 as OCR Moves Forward with HIPAA Right of Access Enforcement

January 15, 2021 Site Editor

The HHS’ Office for Civil Rights (OCR) is moving forward with its efforts to catch healthcare companies that fail to provide patients with prompt access to their healthcare records. OCR recently announced a settlement reached […]

Twitter Penalized $544,000 for its GDPR Data Breach Violations

December 17, 2020 Site Editor

Twitter is penalized with €450,000 ($544,600) for violating the EU’s General Data Protection Regulation (GDPR). The Data Protection Commission (DPC) in Ireland issued the fine in connection with Twitter’s privacy breach report to the DPC […]

Kalispell Regional Healthcare Proposes to Pay 4.2 Million to Resolve Data Breach Lawsuit

December 7, 2020 Site Editor

Kalispell Regional Healthcare based in Montana has offered a $4.2 million settlement deal to take care of a lawsuit filed on behalf of victims associated with a data breach that was reported in October 2019. […]

HIPAA Enforcement Activity in October 2020

November 26, 2020 Site Editor

OCR imposed more financial penalties on HIPAA covered entities and business associates this 2020 than any year since OCR got authorized by the HIPAA Enforcement Rule to issue financial penalties on non-complying entities. As of […]

Office for Civil Rights Reports the 10th HIPAA Fine Covered by the Right of Access Initiative

November 9, 2020 Site Editor

The U.S. Department of Health and Human Services’ Office for Civil Rights just issued the 10th financial penalty covered by the HIPAA Right of Access enforcement initiative. Riverside Psychiatric Medical Group based in California has […]

ICO Penalizes Marriott International £18.4 Million for Violating the GDPR

November 5, 2020 Site Editor

The Information Commissioner’s Office (ICO), the United Kingdom’s data protection authority, has enforced a £18.4 million ($23.8 million) financial fine on Marriott International for violating the EU’s General Data Protection Regulation (GDPR). The ICO had […]

Aetna Paid $1 Million HIPAA Penalty for Three Data Breaches

October 29, 2020 Site Editor

Aetna Life Insurance Company and the associated covered entity (Aetna) has decided to resolve several potential HIPAA violations that the Department of Health and Human Services’ Office for Civil Rights (OCR) found in the course […]

HIPAA Enforcement Activity in September 2020

October 23, 2020 Site Editor

Before September, the HHS’ Office for Civil Rights only issued three financial penalties on covered entities and business associates over HIPAA violations. Yet, in September, there was a squall of notices regarding HIPAA settlements when […]

Community Health Systems To Settle $5 Million to Resolve Multi-State Breach Case

October 12, 2020 Site Editor

Community Health Systems located in Franklin, TN, and its subsidiary CHSPCS LLC agreed to settle a multi-state action with 28 state attorneys general by paying out $5 M. An investigation directed by Tennessee Attorney General […]

HIPAA Right of Access Failure by Healthcare Provider Resulted in $160,000 Penalty

October 9, 2020 Site Editor

The 12th HIPAA penalty of 2020 has been reported by the Department of Health and Human Services’ Office for Civil Rights (OCR). It is the 8th under the HIPAA Right of Access enforcement initiative since […]

Georgia Man Pleads Guilty for Framing a Former Acquaintance for HIPAA Rules Violation

October 6, 2020 Site Editor

A healthcare employee who was charged with violation of patient privacy and the Health Insurance Portability and Accountability Act (HIPAA) Rules was cleared of any violation after the federal law enforcement’s investigation. The said employee […]

Anthem Inc. Spends $48.2 Million in Penalties to Resolve Multi-State Lawsuits

October 1, 2020 Site Editor

Health insurer Anthem Inc. based in Indianapolis, IN has settled its multi-state actions filed by state attorneys general in relation to its 2014 78.8 million record data breach. One settlement deal for $39.5 million was […]

Multiple Lawsuits Filed Due to the Recent Healthcare Data Breaches

September 28, 2020 Site Editor

People affected by the recent data breaches that occurred at Blackbaud and Assured Imaging took legal action for the compromise and theft of their personal data and protected health information (PHI). Several Lawsuits Filed in […]

Montefiore Medical Center and Geisinger Terminates Workers Involved in Unauthorized PHI Access

September 24, 2020 Site Editor

Montefiore Medical Center in Bronx, New York has dismissed a worker due to the supposed theft of the protected health information PHI of around 4,000 patients. Montefiore learned about the possible internal data breach in […]

Class Action Medical Records Lawsuit Filed Against HealthAlliance Hospital and Ciox Health

September 16, 2020 Site Editor

HealthAlliance Hospital and its health record management vendor, Ciox Health, are facing a lawsuit for refusing to give a widow the medical records of her deceased husband. In October 2020, the husband of Sherry Russell, […]

Konica Minolta Pays $500,000 to Resolve EHR False Claims Case

September 2, 2020 Site Editor

Konica Minolta Healthcare Americas Inc. is going to pay $500,000 as a financial penalty to bring to an end a case against Viztek LLC, its ex-subsidiary, to take care of False Claims Act violations in […]

Law Company Files Class Action Lawsuit For Overcharging for Copy of Patient’s Medical Data

March 19, 2020 Site Editor

A law company is filing a lawsuit against Medical Records Online (MRO), a healthcare release-of-information solution provider, for charging too much on law companies and insurance companies when furnishing electronic copies of patients’ health records. […]

HIPAA Enforcement Activity in December 2019

January 29, 2020 Site Editor

In December 2019, the Department of Health and Human Services’ Office for Civil Rights had two more enforcement actions taken against covered entities that were found to have broken the HIPAA Regulations. The first financial […]

Man from Georgia Facing Imprisonment Over False Allegations of HIPAA Violations

January 13, 2020 Site Editor

A man from Georgia is charged over a complex plan to frame up a friend for violating the Health Insurance Portability and Accountability Act (HIPAA) that did not transpire. Jeffrey Parker, 43 years old, from […]

Termination of a Former Exployee of Ann & Robert H. Lurie Children’s Hospital of Chicago for Unauthorized Access of Patient Records

December 31, 2019 Site Editor

Ann & Robert H. Lurie Children’s Hospital of Chicago, which is a pediatric specialty hospital, found out that an ex-employee accessed certain patients’ medical records without having an authorized work reason. The employee’s unauthorized action […]

Solara Medical Supplies Faces Lawsuit Over 114,000-Record Data Breach

December 6, 2019 Site Editor

Solara Medical Supplies is confronted with a lawsuit involving a data breach in June 2019 resulting in the exposure of the protected health information (PHI) of over 114,000 customers and the potential data theft by […]

Legal Action Filed Against Kalispell Regional Healthcare Due to the 130,000-Record Data Breach

December 5, 2019 Site Editor

Kalispell Regional Healthcare based in Montana is getting sued as a consequence of a phishing attack that made it possible for hackers to get access to the email accounts of employees that have the protected […]

Sentara Hospitals Agreed to Pay $2.175 HIPAA Settlement for Breach Notification Rule and BAA Failures

November 29, 2019 Site Editor

The 8th HIPAA financial penalty of 2019 has been announced by the Department of Health and Human Services’ Office for Civil Rights (OCR). Sentara Hospitals has made an agreement to pay a penalty of $2.175 […]

Project Venture Allows Google to Access Ascension Patients Health Records

November 27, 2019 Site Editor

Google has affirmed the news of its partnership with one of the biggest U.S. healthcare systems so that it could access a substantial volume of patient information. Google partnered with Ascension, which is the world’s […]

9,800 Records of Aegis Medical Group Patients Potentially Accessed by a Former Employee Without Authorization

November 20, 2019 Site Editor

Aegis Medical Group, a physician group in Florida, began informing 9,800 patients regarding the potential access of their protected health information (PHI) by a former employee. Allegedly, that person tried to sell patient data to […]

Sharp Healthcare Faces Lawsuit for Secretly Recording Female Patients During Surgery

April 3, 2019 Site Editor

A group of 81 female patients of Sharp HealthCare and Sharp Grossmont Hospital have filed a lawsuit against the facility for severe breaches in patient privacy. The lawsuit alleges that the hospital secretly recorded video […]

Northwestern Medical Patient has PHI Exposed on Social Media

March 25, 2019 Site Editor

A patient who found her discovered that her private medical information was available on social media platforms is suing the Northwestern Medicine Regional Medical Group for PHI exposure. Earlier this month, Gina Graziano discovered that […]

UW Medicine IT Error Exposes Records of 1 Million Patients

March 20, 2019 Site Editor

The University of Washington is alerting nearly a million patients of a data breach that resulted in unauthorised individuals being able to access their protected health information (PHI) through search engines online. The error was […]

Unauthorised Individual Accesses Sharecare Health Data Services’ Systems

March 16, 2019 Site Editor

Sharecare Health Data Services has reported that an unauthorised individual gained access to sensitive information stored in their systems. Sharecare Health Data Services (SHDS), based in San Diego, provides secure electronic exchange and medical records […]

Columbia Surgical Specialists Experience Ransomware Attack

March 8, 2019 Site Editor

Columbia Surgical Specialists have announced a ransomware attack on their facility has potentially compromised the PHI of up to 400,000 patients. Columbia Surgical Specialists (CSS), based in Spokane, Washington, discovered the attack on January 9, […]

Data Breach at Kentucky Counselling Center Exposes 16,440 Files

February 28, 2019 Site Editor

Kentucky Counselling Center has announced that a data breach has resulted in the exposure of 16,440 patient data files.  On January 4, 2019, a former employee notified Kentucky Counselling Center (KCC) that they had received […]

Drupal Releases Patch for Critical Vulnerability in Drupal CMS

February 22, 2019 Site Editor

Drupal has released an update which corrects a critical vulnerability in the Drupal CMS.  Drupal is a free and open-source content management framework and provides the back-end framework for approximately 2.3% of websites worldwide.  The […]

Carbon Black Identifies New Shlayer Malware Targeting Macs

February 15, 2019 Site Editor

Researchers at Carbon Black have identified a new Shlayer malware variant that targets Mac computers running MacOS versions 10.10.5 to 10.14.3. The researchers first identified the OrA new Shlayer malware variant a year ago. Mac […]

Business Email Compromise Campaign Targeting High-Level Executives Identified

February 8, 2019 Site Editor

A new Business Email Compromise (BEC) attack targeting high-level executives has been identified. BEC campaigns are a form of phishing attack in which the cybercriminal impersonates a high-ranking member of an organisation, such as CEO […]

Aetna Pays California Attorney General $935,000 for 2017 Data Breach

February 2, 2019 Site Editor

Aetna has agreed to pay the California Attorney General $935,000 for a 2017 breach which resulted in the exposure of the HIV status of 1,991 Californian residents. In July 2017, Aetna, a health insurer based […]

Paediatric Cardiologist Sentenced to Probation Following HIPAA Violation

January 21, 2019 Site Editor

A Georgia-based paediatric cardiologist was sentenced to 6 months’ probation after pleading guilty to violating HIPAA legislation by disclosing patient PHI to an unauthorised organisation. Dr Eduardo Montana, 55, plead guilty at the Department of […]

Results of SingHealth Data Breach Investigation Published

January 14, 2019 Site Editor

The results of an investigation into a data breach at SingHealth, Singapore’s largest health network, highlight the importance of even the most basic cybersecurity practices for organisations across the globe. The data breach at SingHealth […]

Apple Vishing Scam Uncovered

January 11, 2019 Site Editor

A cybersecurity blog has reported that a new vishing scam in which the scammer pretends to be an employee of Apple Inc. has been uncovered. Vishing is a less common form of phishing attack. The […]

San Diego Unified School District Suffers Phishing Attack

December 31, 2018 Site Editor

The San Diego Unified School District has announced that a phishing attack on its network has affected more than half a million of its staff and current and former students. The San Diego Unified School […]

Lawsuit Filed Against LifeBridge Health for March 2018 Data Security Incident

December 26, 2018 Site Editor

Patients affected by a data security incident at LifeBridge Health in March 2018 have filed a lawsuit against the facility. LifeBridge Health, a nonprofit healthcare corporation in Baltimore, Maryland, discovered that malware had infected one […]

University of Vermont Health Networks Data Breach Affects 32,000

December 19, 2018 Site Editor

The University of Vermont Health Network has revealed that a data security incident at the facility has affected approximately 32,000 patients. The breach was discovered on October 18, 2018. An unauthorised third-party had gained access […]

University of Maryland Medical System Experiences Malware Attack

December 15, 2018 Site Editor

The University of Maryland Medical System has recently announced that it has been the victim of a malware attack on its network. The University of Maryland Medical System is a private, not-for-profit corporation that operates […]

Medical Informatics Engineering Faces Lawsuit Over 2015 Data Breach

December 8, 2018 Site Editor

The Attorney Generals of a dozen states have filed a lawsuit against Medical Informatics Engineering, a healthcare software and systems developer and NoMoreClipboard, an electronic platform for personal health records. The lawsuit is over the […]

Allergy Associates Settles HIPAA Violation with $125,000 Fine

November 27, 2018 Site Editor

Allergy Associates of Hartford, P.C. (Allergy Associates) has agreed to pay a fine of $125,000 to the Office of Health and Human Services’ Office for Civil Rights to settle alleged violations of the Health Insurance Portability […]

Report Highlights Risk of Internal Breaches to Medical Data

November 20, 2018 Site Editor

Researchers at Michigan State University and John Hopkins University have released a report containing their analysis of data breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) between October […]

Update Issued on CMS HealthCare.Gov Data Breach

November 17, 2018 Site Editor

This week, the Centers for Medicare and Medicaid (CMS) has announced an update on the recent HealthCare.gov website breach. Last month, hackers gained access to a health insurance system that interacts with the HealthCare.gov website. […]

Inova Health System Announces Potential Insider Breach

November 11, 2018 Site Editor

Inova Health System, a non-profit health organisation based in Falls Church, Virginia, has announced that it has experienced a data breach. The protected health information (PHI) of over 12,000 of its patients may have been […]

Up to 20,000 Patients Affected by Phishing Attack on North Carolina Medical Center

October 31, 2018 Site Editor

A North Carolina medical center has announced that a phishing attack on its systems has resulted in the protected health information (PHI) of up to 20,000 being compromised.  Catawba Valley Medical Center (CVMC), based in […]

CMS Breach Sees Up to 75,000 Consumers Affected

October 25, 2018 Site Editor

The Centers for Medicaid & Medicare Services (CMS) has announced that it was recently the victim of a cyberattack that has resulted in approximately 75,000 consumer records being accessed by unauthorised individuals.  On October 13 […]

Claxton-Hepburn Medical Center Employees Terminated for Violating the HIPAA

October 3, 2018 Site Editor

Claxton-Hepburn Medical Center, which is a not-for-profit community hospital based in Ogdensburg, New York, terminated several employees because they accessed patient medical records even though they do not have authorization to do so. The hospital […]

Gynecologist License Revoked for Criminal HIPAA Violation But No Jail Time or Penalty

September 28, 2018 Site Editor

In April 2018, a 65-year old former gynecologist named Rita Luthra from Massachusetts, Longmeadow, was charged with criminal violation of the HIPAA Privacy Rule and federal investigation obstruction. In September 19, 2018, the judge announced […]

UMass Memorial Health Care Pays Massachusetts Attorney General’s Office $230,000 for HIPAA Violations

September 26, 2018 Site Editor

The Massachusetts attorney general fined UMass Memorial Health Care the amount of $230,000 for its HIPAA violations with respect to two data breaches which compromised the protected health information (PHI) of over 15,000 state locals. […]

Three Hospitals Pay $999,000 in HIPAA Penalties Related to Boston Med HIPAA Violations

September 25, 2018 Site Editor

The Department of Health and Human Services’ Office for Civil Rights (OCR) fined three hospitals the amount of $999,000 for allowing an ABC film crew to shoot a video footage of patients for its Boston […]

CMS Investigates Fairview Southdale Hospital for Videotaping Patients Without Knowledge or Consent

September 19, 2018 Site Editor

The HHS’ Centers for Medicare and Medicaid Services (CMS) investigated Fairview Southdale Hospital, which is located in Edina, MN, because of a supposed patient privacy violation. It was found out that during the psychiatric evaluations […]

Ransomware Attack on Fetal Diagnostic Institute of the Pacific Impacts 40,800 Patients

September 17, 2018 Site Editor

The Fetal Diagnostic Institute of the Pacific (FDIP) based in Honolulu, Hawaii was attacked by ransomware on June 30, 2018. This resulted to the installation of a file-encrypting software on a server, which encrypted different […]

New Mexico Hospital Medical Records Exposed in the Street

September 10, 2018 Site Editor

The New Mexico Department of Health is checking why the personal health documents of a number of of its patients fell off a truck while being transported from the facility to the safe storage location. […]

Arc of Erie County Pays NY Attorney Generals’ Office $200,000 for Security Breach

September 5, 2018 Site Editor

The New York Attorney General fined the Arc of Erie County with $200,000 for Violating HIPAA Rules as a result of failing to safeguard its customers’ electronic protected health information (ePHI). The Arc of Erie […]

McAlester Hospital in Trouble for Impermissible Disclosure of Medical Information

August 28, 2018 Site Editor

Dennis and Wayne Russell’s adopted two-year old boy named Keon passed away as a result of accidentally drowning. Soon after the boy was brought to McAlester Regional Health Center, they got a telephone call from […]

Fax Messages with PHI Sent to the Wrong Patient

July 4, 2018 Site Editor

OhioHealth’s Grant Medical Center dispatched fax messages containing the protected health information (PHI) of a patient to the wrong person in the last few months. This is a violation of the HIPAA rules and privacy […]

Lincare Resolved to Pay $875,000 to Negotiate W-2 Phishing Scam Lawsuit

May 30, 2018 Site Editor

Lincare Inc, a respiratory therapy vendor, consented to pay $875,000 to settle a class-action lawsuit that its employees filed for a breach of their W-2 details. The data breach happened on February 3, 2017 when […]

Class Action Lawsuit on UnityPoint Health Filed By Data Breach Victims

May 14, 2018 Site Editor

UnityPoint Health identified a data breach on February 15, 2018 which led to the compromise of 16,429 patients’ protected health information. It seems that the data breach happened as a result of the failure of […]

Massachusetts Gynecologist Charged With Criminal HIPAA Violation and Obstruction of Investigation

May 7, 2018 Site Editor

The Department of Justice (DOJ) does not pursue many criminal penalties for HIPAA violations. But in cases of serious patient privacy violation, such as when the protected health information (PHI) is impermissibly disclosed with malicious […]

Terminated Employee Got Hold of PHI of 100 Patients

May 1, 2018 Site Editor

A former employee of Texas Health and Human Services Commission (HHSC) got hold of the protected health information of about 100 patients after being terminated from work. She had collected personal items from her old […]

Receptionist Stole 653 Patients’ PHI and Penalized With 2 to 6 Years Jail Term

April 13, 2018 Site Editor

A 31-year old former receptionist named Annie Vuong worked at a New York dental practice where she stole the protected health information of over 650 patients. She was sentenced to spend 2 to 6 years […]

New Jersey Attorney General’s Office Fined Virtua Medical Group the Amount of $418,000

April 11, 2018 Site Editor

The New Jersey Attorney General’s Office financially penalized Virtua Medical Group for its failure in protecting the privacy of over 1,650 patients. The protected health information of the patients was exposed because of a misconfigured […]

CPLSE-Owned Laptop with Unencrypted PHI Stolen

March 27, 2018 Site Editor

The protected health information of some patients and payment guarantors were compromised because the unencrypted laptop computer that Clinical Pathology Laboratories Southeast Inc (CPLSE) issued to an employee was stolen. CPLSE took immediate action so […]

QuadMed Employees Impermissibly Accessed the PHI of More than 9,850 Patients

March 20, 2018 Site Editor

QuadMed, a medical, fitness, physical therapy, laboratory and pharmacy services provider based in Wisconsin, sent notification letters by mail to 9,854 patients informing them that their PHI was potentially viewed without authorization during a privacy […]

BJC Healthcare’s Data Breach Exposed the PHI of 33,420 Patients for 8 Months

March 19, 2018 Site Editor

BJC Healthcare, a non-profit healthcare system, runs two nationally recognized hospitals in St. Louis, Missouri namely St. Louis Children’s Hospital and Barnes-Jewish Hospital plus 13 other hospitals. It has over 31,000 employees, admits more than […]

Sutter Health’s Business Associate Experienced a Phishing Incident

March 1, 2018 Site Editor

The legal firm Salem and Green, a business associate of Sutter Health, had a phishing attack resulting in exposure of the protected health information of certain patients. A staff of Salem and Green received a […]

Triple-S Advantage Had Another Data Breach That Affected 36,000

February 23, 2018 Site Editor

A privacy breach occurred in the Puerto Rico Health Plan Triple-S Advantage, which affected 36,000 plan members. The cause of the breach was a mailing error that disclosed the plan members’ sensitive information to incorrect […]

Federal Court Denied Motion to Dismiss Lawsuit Against Mail Service

February 12, 2018 Site Editor

Press America, Inc is a mail service used by CVS Pharmacy. Because of an accidental disclosure of 41 individual’s protected health information, CVS Pharmacy sued Press America, Inc. CVS Pharmacy works as a business associate […]

AllScripts Faces Class Action Lawsuit Because of Ransomware Attack

February 9, 2018 Site Editor

AllScripts was attacked by ransomware last week resulting in the unavailability of their services. Thousands of healthcare providers cannot access patient data or the e-prescription service. AllScripts now faces a class action lawsuit filed by […]

Kansas Attorney General Fined Pearlie Mae’s Compassion and Care LLC for Violating Wayne Owen Act

February 6, 2018 Site Editor

The Kansas Attorney General fined Pearlie Mae’s Compassion and Care LLC in Topeka, Kansas together with its owners for its failure to protect patient and employee records. The civil monetary penalty amounted to $8,750. According […]

Allscripts and Two Indiana Hospitals Were Attacked by Ransomware

January 30, 2018 Site Editor

A ransomware attack on Allscripts happened on January 18, 2018, which is the reason why a number of the firm’s applications, such as the cloud EHR and the electronic prescriptions platform, went offline. The attack […]

Aetna Agreed to Pay Victims of HIV Status Data Breach

January 29, 2018 Site Editor

Aetna agreed to pay $17,161,200 to settle a class action lawsuit filed by complainants of a mailing error that disclosed sensitive information. The envelopes used had clear plastic windows through which the details of HIV […]

OIG Finds System Vulnerabilities at North Carolina State Medicaid Agency

January 19, 2018 Site Editor

The Department of Health and Human Services’ Office of Inspector General (OIG) found data security inadequacies upon auditing the North Carolina State Medicaid agency. According to the report, the State agency did not implement enough […]

Scrub Nurse That Photographed Employee-Patient’s Genitals Violates HIPAA Rules

January 15, 2018 Site Editor

A scrub nurse was fired for violating the HIPAA Rules. Allegedly, a scrub nurse photographed the genitals of an employee–patient undergoing incision hernia surgery at Washington Hospital. She used her mobile phone to take photos […]

21st Century Oncology Pays $2.3 Million for HIPAA Settlement with OCR

January 4, 2018 Site Editor

21st Century Oncology agreed to pay the Department of Health and Human Services’ Office for Civil Rights (OCR) a settlement fee to resolve its HIPAA violations which was discovered when a 2015 PHI breach involving […]

Oklahoma Health Department Required to Re-Notify 47,000 Data Breach Victims

January 1, 2018 Site Editor

The Oklahoma Department of Human Services had a data breach in April 2016. After discovering the breach, Oklahoma DHS notified the people impacted by the breach and the DHS’ Office of Inspector General, but not […]

Clinic Worker Who Stole PHI Punished With Five-Year Jail Term

December 26, 2017 Site Editor

A clinic worker gets 5-year jail term for stealing the protected health information of Kirkbride Center’s mentally ill patients and selling them to identity thieves. Jean Baptiste Alvarez, age 43, a resident of Aldan, Philadelphia […]

Compromised Email Accounts Exposed 18,500 Patients PHI

December 23, 2017 Site Editor

A PHI breach occurred at the Henry Ford Health System based in Detroit which impacted about 18,500 patients. The organization became aware of the breach on October 3, 2017. According to the report, the email […]

Employees Filed a Lawsuit Against Lincare for Negligence in W2 Phishing Attack

December 21, 2017 Site Editor

Lincare Holdings Inc., one company supplying home respiratory therapy products, had a breach of employee personal data in February 2017. According to the report, an HR department employee emailed the W2 forms of thousands of […]

St. Luke’s Hospital Pays $387,000 to OCR for Disclosing Patient’s HIV Status to His Employer

December 20, 2017 Site Editor

Mount Sinai St. Luke’s Hospital settled a case with the Department of Health and Human Services’ Office for Civil Rights earlier this year. The 2014 case involved alleged HIPAA violations over an impermissible disclosure of […]

Stolen Computers Potentially Exposed 8,000 Patients PHI

November 4, 2017 Site Editor

Brevard Physician Associates had a recent incident of burglary which resulted in the potential exposure of limited protected health information of about 8,000 patients. On the morning of September 4, 2017, thieves broke into the […]

Illinois Psychiatrist Reported for Exposing PHI of 10,500 Patients

October 17, 2017 Site Editor

A tenant named Barbara Jarvis-Neavins filed a report against Illinois-based psychiatrist Dr. Riaz Baber for mishandling the medical records of more than 10,000 patients.  Apparently, the psychiatrist rented out his property to Jarvis-Neavins who eventually […]

Unsecured Amazon S3 Bucket Exposed 47GB of Medical Records

October 15, 2017 Site Editor

Recently, there was an incident that a HIPAA-covered entity used an unsecured Amazon S3 bucket to store patients’ medical data. It was the researchers from Kromtech Security who discovered the cloud storage security problem. There were […]

Phishing Attack Impacts 51,000 Plan Members of Network Health

October 14, 2017 Site Editor

Network Health, a health insurance provider based in Wisconsin, recently informed its 51, 232 plan holders about the unauthorized access of their protected health information (PHI). According to the report, the security breach began in August […]

  • Site Map
  • About Calculated HIPAA
  • Calculated HIPAA Privacy Policy

© Copyright 2003 to 2021 Calculated HIPAA