Site Map

• CalHIPAA
• HIPAA Enforcement Procedures
• HHS Issues First Guidance On New Patient Privacy Regulations
• Customizable Required HIPAA Forms, Policies and Authorizations
• An Overview of HIPAA
• The History of HIPAA
• HIPAA Compliance Dates
• HIPAA Strategies
• A Glossary of HIPAA Terms
• HIPAA Casualty Reports
• HIPAA Implementation Summary
• HIPAA Compliance
• HIPAA Violations
• HIPAA Training
• HIPAA Penalties
• What is Protected Health Information?
• What Does PHI Stand For?
• Why is HIPAA Important?
• 3,600 Michigan Medicine Patients Affected by Mailing Error
• Motion to Dismiss Lawsuit Filed by a California HIV Patient PHI Breach Victim Rejected
• New HHS OIG Website Spreads News of Its Cybersecurity-Focused Activities
• Stolen Documents with PHI Found by a KHOU Employee in Houston Street
• 37,000 Gold Coast Health Plan Members Affected by Phishing Attack
• ECRI Publishes 2019 Top Ten List of Health Technology Hazards
• Cofense Report Shows the High Susceptibility to Phishing Attacks of the Healthcare Industry Compared to Others
• ICO Issued the First UK GDPR Notice to AggregateIQ
• Claxton-Hepburn Medical Center Employees Terminated for Violating the HIPAA
• Ohio Living and Tucson Medical Center Breaches Exposed 8.200 Patients’ PHI
• Gynecologist License Revoked for Criminal HIPAA Violation But No Jail Time or Penalty
• Free HIPAA Quiz to Help Healthcare Organizations with HIPAA Compliance
• UMass Memorial Health Care Pays Massachusetts Attorney General’s Office $230,000 for HIPAA Violations
• Three Hospitals Pay $999,000 in HIPAA Penalties Related to Boston Med HIPAA Violations
• California Consumer Privacy Act Passed by California Legislature
• FDA Plans on Expanding the Examination of Medical Device Cybersecurity
• CMS Investigates Fairview Southdale Hospital for Videotaping Patients Without Knowledge or Consent
• Ransomware Attack on Fetal Diagnostic Institute of the Pacific Impacts 40,800 Patients
• OCR Issues Guidance on Health Data Sharing With the Declaration of a Public Health Emergency
• New Privacy Framework to Help Businesses Protect the Customer and Employee Privacy
• Apple App Store Privacy Policy Changes After Enforcing the GDPR
• New Mexico Hospital Medical Records Exposed in the Street
• Guidelines on The Use of Social Media to Avert HIPAA Violations
• 66% of UK Companies Do Not Have Cyber Risk Insurance Policies
• Arc of Erie County Pays NY Attorney Generals’ Office $200,000 for Security Breach
• ICS-CERT’s Advisory on 9 Philips E-Alert Units Vulnerabilities
• ‘Misfortune Cookie’ Flaw Discovered in Qualcomm Life Capsule Datacaptor Terminal Server
• Breach of PHI of 19,570 Missouri Care Members Due to Mis-Maiing
• Phishing Attack on Los Angeles Drug and Alcohol Treatment Center Impacts 1,790 Patients
• McAlester Hospital in Trouble for Impermissible Disclosure of Medical Information
• Ransomware Attack on Central Colorado Dermatology Caused Unauthorized PHI Access
• Data Breach at Gordon Schanzlin New Vision Institute Impacts 9,350 Patients’ PHI
• Network Access Via Fax Machine Vulnerability Possible
• APWG Reports for Q1 2018 a 46% Increase in Phishing Websites
• The PHI of 17,000 Patients from Oregon and Massachusetts Exposed
• 23% of Data Breaches in Q2 2018 Due to Email Account Compromises
• Why a GDPR Lead Supervisory Authority Should Be Appointed
• Request for Information on Federal Health Privacy Rules and Proposed Changes to Be Released by HHS
• Massachusetts Bill Seeks 18 Months Zero Cost Credit Monitoring Services for Victims of Data Breach
• PHI of 3,775 Patients of a New York Physician Potentially Exposed
• Alive Hospice Notifies Patients of PHI Breach Caused By Phishing Attack
• PHI of 8,400 Billings Clinic Patients Compromised Due to Hacked Email Account
• Cass Regional Medical Center Reacts Promptly to Ransomware Attack
• The HIPAA Requirements on Patch Management
• Advanced Cyber Spoofing Attack Revealed by Humana
• Fax Messages with PHI Sent to the Wrong Patient
• Hospital Pager Messages Intercepted Resulting in PHI Breach
• Employees Suspended for Snooping on Patient Health Records
• Mobile Technology Greatly Improves Patient Services in Hospitals According to Survey
• 1,600 Patients’ PHI Exposed in Terros Health Phishing Scam
• Ex-Employees of Hair Free Forever and Muir Medical Group Violate HIPAA Privacy Rule
• OCR Received Multiple Data Breach Reports by Dignity Health
• Patient Complaints on Obtaining Copies of Their Health Records
• Security Breaches Discovered by Purdue University Potentially Affected 1,711 Patients
• April 2018 Healthcare Data Breach Report
• Lincare Resolved to Pay $875,000 to Negotiate W-2 Phishing Scam Lawsuit
• SamSam Ransomware Attack on Allied Physicians Group of Michiana Potentially Exposed PHI
• Are EU Citizens Living in the US Secured by GDPR?
• How Healthcare Providers Can Save on AWS EC2 Instances Costs
• Class Action Lawsuit on UnityPoint Health Filed By Data Breach Victims
• How the GDPR Apply to Employee’s Personal Data
• Massachusetts Gynecologist Charged With Criminal HIPAA Violation and Obstruction of Investigation
• Terminated Employee Got Hold of PHI of 100 Patients
• How will GDPR Affect American Organizations in Protecting Rights to Privacy
• Transcription Services Web Portal Breach Leaked Patients’ PHI
• Healthcare Data Breach Report for Q1 2018
• Orangeworm Threat Group Used Kwampirs Backdoor to Attack the Healthcare Industry
• PHI of 1,071 Mental Health Patients Disclosed for Over 3 Years
• Cybersecurity Framework Version 1.1 Released By NIST
• Healthcare Data Breach Analysis for March 2018
• Phishing Attack on UnityPoint Health Compromised Several Employees’ Email Accounts
• Inogen Data Breach Potentially Impacts 30,000 Individuals
• 1,500 Baptist Health Patients Alerted for Possible Credit Card Fraud
• The PHI of 63,500 Middletown Medical Patients Impacted by Data Breach
• Receptionist Stole 653 Patients’ PHI and Penalized With 2 to 6 Years Jail Term
• Poor Patching Practices Increase the Risk of Exploited Vulnerabilites
• New Jersey Attorney General’s Office Fined Virtua Medical Group the Amount of $418,000
• Alabama’s Data Breach Notification Act Enacted
• Massachusetts Police Department Discovered Cambridge Health Alliance PHI Breach
• State Attorneys General Oppose the DATAS Act
• The South Dakota Data Breach Notification Law Has Been Approved
• Healthcare Data Breaches Increase Mortality Rates According to Research
• What is a HIPAA Violation and How does it Happen?
• Some Facts About HIPAA and Important HIPAA Rule Updates
• What Happens to Healthcare Employees Who Violate HIPAA Rules?
• Medical University of South Carolina Terminated 13 Employees for HIPAA Violations in 2017
• SpamTitan v7.00 Switch to Bitdefender For Primary Antivirus Engine
• CPLSE-Owned Laptop with Unencrypted PHI Stolen
• Over 35,000 ATI Physical Therapy Patients Impacted by Phishing Attack
• PHI of 1,049 Patients Exposed in RoxSan Pharmacy Data Breach
• OIG Published the Findings on FISMA Compliance Review of HHS
• Email Accounts of Primary Health Care Employees Hacked Compromising Patients PHI
• QuadMed Employees Impermissibly Accessed the PHI of More than 9,850 Patients
• BJC Healthcare’s Data Breach Exposed the PHI of 33,420 Patients for 8 Months
• What HIPAA Changes and Enforcement Outlook Can Healthcare Organizations Expect in 2018?
• Alabama State Senate Passed the Data Breach Notification Act
• Two-Email Related Breaches Potentially Impacted 16,000 Individuals
• Healthcare Industry Employees Identified as Top HIPAA Threats
• Compliance With the Updated Common Rule Delayed for 6 Months
• Private Equity Syndicate Acquires PhishMe and Rebrands as Cofense
• The Second Largest Data Breach in New York Compromised 135,000 Patients’ Records
• ID Numbers of 70,320 Tufts Health Plan Members Exposed
• Protenus Healthcare Breach Barometer Report for January Published
• Insurance Provider Declines Audit Says OPM OIG
• Affected Patients of White and Bright Family Dental Server Hack Informed
• Sutter Health’s Business Associate Experienced a Phishing Incident
• What Should Healthcare Organizations Do to Reduce Cyber Extortion Risk?
• Different Types of Cyber Extortion Attacks on the Healthcare Industry Increasing
• Proper Handling of a HIPAA Privacy Complaint
• Triple-S Advantage Had Another Data Breach That Affected 36,000
• Ursnif Trojan Attacks and Sends Spear Phishing Emails
• HIMSS Warns About Five Cybersecurity Threats Trending Today
• VA OIG Audits Orlando VA Medical Center for Network Vulnerabilities
• Massachusetts Launched an Online Tool for Reporting Data Breaches
• Ron’s Pharmacy Services Email Account Breach Impacts 6,781 Patients
• Why Healthcare Organizations Become Victims of Multiple Ransomware Attacks
• Breach Notification Law is About to Change in South Dakota
• Partners HealthCare Delayed Breach Notification for Too Long
• Federal Court Denied Motion to Dismiss Lawsuit Against Mail Service
• AllScripts Faces Class Action Lawsuit Because of Ransomware Attack
• New Data Breach Notification Bill in North Carolina Reinforces Residents Identity Theft Protection
• Eastern Maine Medical Center Breach Exposed 660 Patients’ PHI
• Kansas Attorney General Fined Pearlie Mae’s Compassion and Care LLC for Violating Wayne Owen Act
• Aetna Needs to Pay $1.15 Million Settlement for the NY Attorney General Data Breach Case
• Causes of Healthcare Breaches in 2017 and How to Minimize Them
• Comparison of Healthcare Data Breaches From 2015 to 2017
• CIOX Health Sued HHS for Unlawful Changes Made On HIPAA Regulations
• Allscripts and Two Indiana Hospitals Were Attacked by Ransomware
• Aetna Agreed to Pay Victims of HIV Status Data Breach
• Hancock Health in Indiana Pays $55K Ransom to Unlock Encrypted Files
• Laptop Theft Potentially Compromised the PHI of 43,000 Patients of Coplin Health Systems
• Regulation on the Confidentiality of Substance Use Disorder Patient Records Updated
• Medicaid Patients PHI Exposed at Oklahoma State University Center for Health Sciences
• Two Malware Attacks on Colorado Practice Impacted 16,000+ Patients
• OIG Finds System Vulnerabilities at North Carolina State Medicaid Agency
• NewSky Security Discovers More than 1,000 Misconfigured Lexmark Printers
• AHIMA Helps Healthcare Organizations to Develop an Effective IG Program
• Ransomware Attacks in 2017 Increased by 62%
• Scrub Nurse That Photographed Employee-Patient’s Genitals Violates HIPAA Rules
• Improving the State of Email Security in Healthcare Using DMARC
• Ransomware Attack Cut Access to Dental Practice Records for 5 Days
• Protenus Released Healthcare Data Breach Report for November
• PHI of 1,750 Patients of Austin Manual Therapy Exposed Due to Data Theft
• Data Breaches in Texas and Pennsylvania Exposed the PHI of More than 5,000 Patients
• Summary of OCR’s HIPAA Enforcement Activities in 2017
• 21st Century Oncology Pays $2.3 Million for HIPAA Settlement with OCR
• AMA and Accenture Study Reveals Physicians’ Major Concern on Cyberattacks
• UNC Health Care Breach Potentially Impacts 24,000 Patients
• Oklahoma Health Department Required to Re-Notify 47,000 Data Breach Victims
• Ransomware Attack in Hackensack Sleep and Pulmonary Center
• Why Should the Congress Pass the Data Security and Breach Notification Act?
• Which Government Agency Enforces HIPAA Rules?
• Clinic Worker Who Stole PHI Punished With Five-Year Jail Term
• Compromised Email Accounts Exposed 18,500 Patients PHI
• What Can A Patient Do When There’s A Clear HIPAA Violation?
• Employees Filed a Lawsuit Against Lincare for Negligence in W2 Phishing Attack
• St. Luke’s Hospital Pays $387,000 to OCR for Disclosing Patient’s HIV Status to His Employer
• CareFirst Asks the Help of Supreme Court to Sort Out Data Breach Lawsuit
• Healthcare Industry Got the Most Class Action Data Breach Lawsuits in 2016
• Burglars Stole the Medical Records of 1,000 Patients in New Jersey
• Ransomware Attacks Aging Agency Impacting 8,750 Patients
• Medical College of Wisconsin Phishing Attack Exposed 9,500 Patients’ PHI
• Volunteers Needed for HIPAA Administrative Simplification Optimization Project Pilot
• TJ Samson Community Hospital Discovers Unauthorized Access of 683 Patients’ PHI
• Protenus Released November Healthcare Breach Barometer Report
• Catholic Charities of the Diocese of Albany Recently Discovered That Malware Infected Their Server Since 2015
• Lawnmower Engine Manufacturer Required to Comply With HIPAA Rules
• FDA Recommends Sharing of Information Recorded in Medical Devices
• What are the HIPAA Rules on Sharing PHI on Opioid Overdoses?
• Stolen Computers Potentially Exposed 8,000 Patients PHI
• PHI Theft Via Email Involved 932 Texas Children’s Health Plan Members
• Threat Report Confirms Volume of Malicious Emails Soared in Q3
• New WannaCry Ransomware Variant Attacks FirstHealth
• 1,300 PHI Potentially Exposed in RiverMend Health Email Breach
• Phishing Attack on Chase Brexton Health Care Potentially Impacts 16,500 PHI
• Significant Increase in September Healthcare Data Breaches Exposed Almost 500,000 PHI
• Advanced Spine & Pain Center Breach Impacts 8,362 Patients PHI
• HHS Issues Limited Waiver of HIPAA Sanctions and Penalties in California
• What are the Important Points of the Personal Data Breach Notification Act?
• Illinois Psychiatrist Reported for Exposing PHI of 10,500 Patients
• Unsecured Amazon S3 Bucket Exposed 47GB of Medical Records
• Phishing Attack Impacts 51,000 Plan Members of Network Health
• HHS Withdrew Proposed Rule for Certification of Compliance for CHPs
• What is the Internet of Medical Things Resilience Partnership Act?