Cascade Eye and Skin Centers Pays $250,000 to Settle Alleged HIPAA Violations
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has reached a $250,000 settlement with Cascade Eye and Skin Centers, P.C.,…
A $2.95 million financial penalty payment is proposed by the Federal Trade Commission (FTC) for Verkada, a security camera vendor based in California, to settle…
According to information provided by the Vipre Security Group, there was a spike in business email compromise attacks in the previous year and cybercriminals are using…
The healthcare industry is facing more severe and sophisticated cyberattacks. Greater effort is necessary to strengthen protection, as attacks will likely keep increasing. These attacks present…
Blackbaud has decided to pay $6.75 million to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and California’s data privacy regulations…
858K Individuals Impacted by Superior Air-Ground Ambulance Service Data Breach Superior Air-Ground Ambulance Service provides ambulance and Emergency Medical Services (EMS) in Indiana, Illinois, Michigan,…
Administration services provider to medical insurance and benefit plans, WebTPA based in Texas, recently began sending notification letters to 2,429,175 benefit plan members concerning the…
Investigation Of Ascension Cyberattack Ascension, a leading non-profit and Catholic health system in the U.S., has reported the investigation of a supposed cyberattack that has…
Wisconsin Dental Surgery Center Email Account Breach Bay Oral Surgery & Implant Center (Bay Oral), a group of oral & maxillofacial dental surgery centers located…
OctaPharma Plasma Donation Centers Shut Down While Investigating Ransomware Attack The Swiss pharmaceutical company, Octapharma Plasma, encountered a cyberattack that impacted the systems at 190…
Epic Systems has shut down access to information for a startup company called Particle Health after it alleged that the company was disclosing patient information…
The term HIPAA compliant email refers to an email system with the necessary safeguards to protect the confidentiality, integrity, and availability of PHI, that is…
Over 547,000 People Impacted by The Chattanooga Heart Institute Cyberattack on April 2023 The Chattanooga Heart Institute has found out that its April 2023 cyberattack…
Aveanna Healthcare Email Account Breach Home health and hospice care provider, Aveanna Healthcare based in Atlanta, GA, announced a security breach of its email environment…
HIPAA was enacted to improve the efficiency and effectiveness of the healthcare system by ensuring the portability of health insurance coverage, protecting the privacy and…
Credential Harvesting Mitigations Shared by HHS The Health Sector Cybersecurity Coordination Center (HC3) has published a healthcare and public health (HPH) sector advisory concerning credential…
HIPAA does not apply to entities or individuals that do not meet the definition of covered entities or business associates under the HIPAA regulations, such…
The purpose of the HIPAA Privacy Rule is to establish national standards for the protection of individuals’ medical records and other personal health information, ensuring…
An example of protected health information (PHI) is a patient’s medical record containing personal identifiers such as their name, date of birth, Social Security number,…
State privacy law supersedes HIPAA when it provides greater privacy protections or rights to individuals regarding the use and disclosure of protected health information (PHI),…
Data Breach at Weirton Medical Center in West Virginia Weirton Medical Center based in West Virginia discovered suspicious activity inside its computer system on January…
The consequences of violating HIPAA can include civil monetary penalties, corrective action plans, criminal charges, reputational damage, and disciplinary actions, potentially leading to fines, imprisonment,…
HIPAA benefits patients by ensuring the confidentiality, security, and privacy of their protected health information (PHI), granting them greater control over their medical records, building…
HSCC’s 5-Year Strategic Program for Strengthening Healthcare Cybersecurity Healthcare cyberattacks are increasing in number and intensity every year. In 2023, around 740 healthcare data breach…
A healthcare clearinghouse serves as an important intermediary in the exchange of electronic health information within the healthcare system. Acting as a centralized hub, a…
177,000 Patients Affected by Northeast Orthopedics and Sports Medicine Breach Northeast Orthopedics and Sports Medicine located in Nanuet, NY recently announced a cyberattack that affected…
A HIPAA violation involves a range of infractions that breach the regulations stipulated by HIPAA regarding the safeguarding of protected health information (PHI). This includes…
HIPAA was enacted in 1996, marking an important milestone in healthcare regulation within the United States. This legislation was introduced with the goal of addressing…
Apria Healthcare Faces Lawsuit Over HIPAA Violations Indiana Attorney General Todd Rokita is taking legal action against Apria Healthcare for violating the Health Insurance Portability…
A HIPAA violation in the workplace constitutes a breach of the regulatory standards outlined in the HIPAA, specifically concerning the protection of protected health information…
The HIPAA Privacy Rule represents a foundational component of healthcare regulation in the United States, setting in-depth standards for safeguarding individuals’ protected health information (PHI)….
Vulnerabilities identified in the remote desktop software ConnectWise ScreenConnect are being exploited to deliver a selection of different malicious payloads into enterprise environments. ConnectWise first…
The purpose of HIPAA involves several key objectives aimed at improving the healthcare system. HIPAA seeks to safeguard the privacy and security of individuals’ protected…
The Department of Health and Human Services (HHS) Office for Civil Rights has filed its annual report to Congress about compliance with the HIPAA Privacy,…
A covered entity under HIPAA includes healthcare providers, health plans, and healthcare clearinghouses that engage in electronic transactions involving individually identifiable health information. Healthcare providers…
Protected Health Information (PHI) comprises any individually identifiable health information that is maintained or transmitted by covered entities. This involves a wide range of data,…
Protected Health Information (PHI) involves a broad range of individually identifiable health data maintained or transmitted in any form or medium, inclusive of but not…
U.S. Senator Ron Wyden (D-OR) wrote to the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) requiring action to safeguard customers and…
The Government Accountability Office (GAO) has discovered that many federal agencies that deal with risk for critical infrastructure sectors have evaluated or intend to monitor…
462,000 Hawaiians Impacted by the Navvis & Company Data Breach Around 462,000 people who signed up for health plans with the Hawaii Medical Service Association…
It is possible to report a HIPAA violation anonymously by submitting a complaint to the Department of Health and Human Services’ Office for Civil Rights…
133K Records Exposed at Columbus Regional Healthcare System Columbus Regional Healthcare System in Whiteville, NC, submitted a report to the Maine Attorney General concerning a…
HMG Healthcare Data Breach Impacts 80,000 People Healthcare services provider HMG Healthcare, LLC based in Texas recently reported the exposure and potential theft of the…
As of January 2022, OneDrive, Microsoft’s cloud storage service, does not possess a dedicated HIPAA compliance certification, but Microsoft does offer a HIPAA Business Associate Agreement…
Google Chat does not meet the standards for HIPAA compliance due to its lack of specific security features and assurances required to safeguard protected health…
Slack has the capability to meet the requirements for HIPAA compliance when configured with the appropriate security protocols and safeguards. To achieve HIPAA compliance, organizations…
Though the new HIPAA regulations presented in the Final Omnibus Rule of 2013 didn’t change much of the current HIPAA Security and Privacy Rules, there…
Azure offers services and features that can be used in a HIPAA-compliant manner, but achieving compliance requires proper configuration, implementation of appropriate security measures, and…
While HIPAA regulations do not specify an exact frequency for ongoing security and privacy training after the initial session, industry best practice is to conduct…
The enforcement of the Administrative Simplification requirements falls under the jurisdiction of the Office for Civil Rights (OCR) within the U.S. Department of Health and…
HIPAA mandates strict requirements for the protection of electronic protected health information (ePHI) through strong encryption measures. Covered entities and their business associates must implement…
Nurses who violate HIPAA may face strict penalties, involving both civil and criminal consequences, outlining the importance of upholding patient confidentiality and safeguarding protected health…
HIPAA was enacted with the primary aim of addressing several important aspects within the healthcare sector. Its introduction sought to improve the efficiency and efficacy…
After an accidental HIPAA violation occurs, the responsible party typically undergoes a thorough investigation by the Office for Civil Rights (OCR), the federal agency tasked…
Integris Health is facing some class action lawsuits because of a recent cyberattack that resulted in a data breach. Although there’s no confirmation yet from…
Under HIPAA, the distribution of patient information on social media platforms is strictly prohibited. HIPAA establishes strict confidentiality and privacy safeguards for individually identifiable health…
HIPAA outlines specific rules for the retention of records in the healthcare sector. Covered entities, including healthcare providers, health plans, and healthcare clearinghouses, are mandated…
HIPAA sets in-depth guidelines to safeguard electronic protected health information (ePHI) and requires covered entities and business associates to implement robust security measures, including secure…
HIPAA outlines strict guidelines to safeguard the confidentiality and security of protected health information (PHI), and violations of these provisions can manifest in various forms….
PHI of a deceased individual is safeguarded for a period of 50 years following their death, after which the information is no longer considered PHI…
The consequences for breaching HIPAA regulations are varied and carry strict legal and financial ramifications. Civil penalties for non-compliance can result in monetary fines levied…
In compliance with the HIPAA, healthcare providers must adhere to specific rules when telephoning patients to ensure the confidentiality and security of patients’ protected health…
A HIPAA Compliance Officer plays an important role within an organization by orchestrating the development and execution of policies and procedures aimed at achieving and…
ProSmile Holdings Patients Affected by July 2022 Data Breach Dental service organization ProSmile Holdings, LLC in New Jersey, notified patients on December 22, 2023, regarding…
While Google Drive, as a standalone service, does not inherently adhere to HIPAA standards, Google offers a Business Associate Agreement (BAA) for its Google Workspace…
The act of texting is not prohibited by HIPAA, but the transmission of protected health information (PHI) via unsecured text messaging platforms without appropriate safeguards…
Zoom can be utilized in a manner compliant with HIPAA when specific precautions are taken. Healthcare providers seeking to use Zoom for telehealth sessions or…
Healthcare entities and their business associates are mandated under HIPAA to promptly report any breaches of protected health information (PHI) to maintain compliance with federal…
The responsibility for enforcing HIPAA lies with the Office for Civil Rights (OCR), an entity operating within the U.S. Department of Health and Human Services…
About 6 lawsuits were filed against the Fred Hutchinson Cancer Center because of a cyberattack and data breach that happened on the Thanksgiving weekend of…
Reporting a HIPAA breach necessitates adhering to strict guidelines outlined in the HIPAA regulations. Upon discovering a breach, individuals or organizations are obligated to promptly…
Non-compliance with HIPAA can result in a range of penalties, both civil and criminal, reflecting the gravity of the HIPAA violation. Civil fines for HIPAA…
As of January 2022, Skype does not inherently meet the requirements for full compliance with the HIPAA. HIPAA mandates strict privacy and security standards for…
For HIPAA compliance, a dentist office must implement administrative, physical, and technical safeguards to protect patient health information, such as conducting regular risk assessments, training…
Under HIPAA, emailing patient names is permitted, provided that strict measures are in place to safeguard the confidentiality and security of protected health information (PHI)….
HIPAA certification, as a formal designation, does not exist within HIPAA. Despite this, ensuring compliance with HIPAA regulations is necessary for entities handling protected health…
HIPAA rules for electronic signatures necessitate strict adherence to the Security Rule, which mandates that electronic signatures be safeguarded through measures such as encryption and…
Facebook Messenger does not meet the standards for HIPAA compliance, primarily due to its lack of encryption and other necessary safeguards for securely transmitting protected…
HIPAA holds importance in healthcare by establishing and enforcing national standards for the protection of individuals’ sensitive health information. Enacted to address the evolving challenges…
Dentists are mandated to adhere to various regulations outlined in HIPAA. These regulations concern safeguarding protected health information (PHI) by ensuring its confidentiality, integrity, and…
Heart of Texas Behavioral Health Network Cyberattack The Heart of Texas Behavioral Health Network (HOTBHN), previously known as the Heart of Texas Region MHMR Center, helps…
HIPAA-covered entities involve organizations and individuals within the healthcare sector who play a role in managing protected health information (PHI) and are bound by the…
HIPAA Compliance represents an important framework within the United States healthcare system, meticulously designed to uphold the confidentiality, integrity, and security of individuals’ sensitive health…
Patients have the legal right to sue a hospital for a HIPAA violation. In the event of improper disclosure or mishandling of protected health information,…
Under the HIPAA Privacy Rule, PHI can only be given out after obtaining written authorization from the patient, except in specific circumstances such as treatment,…
Cyberattack on Proliance Surgeons Surgical group Proliance Surgeons based in Seattle, WA has approximately 100 centers in Washington state. It sent notification letters to 437,392…
Dropbox does not inherently assert full HIPAA compliance, yet it does provide a pathway for HIPAA compliance through a specialized addendum tailored for Business and…
$80,000 HIPAA Fine Paid by St. Joseph’s Medical Center for Disclosing PHI to a Reporter The Department of Health and Human Services (HHS) Office for…
Potential Cyberattack on Daviess Community Hospital Daviess Community Hospital, which is affiliated with Ascension St. Vincent Hospital based in Washington, IN, reported that it started…
Yes, DocuSign is HIPAA compliant, providing appropriate safeguards like encryption and access controls to ensure the confidentiality and integrity of electronic protected health information (ePHI),…
Financial Asset Management Systems and The Harris Center for Mental Health announced their encounter with ransomware attacks. Munsen Healthcare is looking into a cyberattack on…
Okta Affected by Third-Party Vendor Incident and Customer Support System Breach Cloud identity and access management solutions provider, Okta, based in San Francisco has confirmed…
Cyberattack on the University of Michigan Health Service and School of Dentistry The University of Michigan (UM) has recently reported that it encountered a cyberattack…
What is OSHA Certification? OSHA certification is an acknowledgment employees get for finishing training courses in OSHA’s Safety and Health Fundamentals Program. A number of…
Blackbaud and 49 states and the District Of Columbia have agreed on a $49.5 million settlement to take care of accusations of inadequate data security…
Broomfield Skilled Nursing and Rehabilitation Center has reached a settlement with the Colorado Attorney General over the supposed HIPAA violation and Colorado’s data protection rules…
Under the HIPAA Privacy Rule, covered entities are required to provide an accounting of disclosures, which is a detailed record of when and to whom…
The cloud is replacing on-premises infrastructures; however, healthcare continues to lag behind other industries in cloud usage. Cloud usage has expanded in medical care…
Yes, SharePoint can be HIPAA compliant when used correctly, as Microsoft offers a Business Associate Agreement (BAA) and includes necessary security measures like encryption and…
Email Incident at AmeriBen Exposed the PHI of About 75,000 People Medical benefits administration services provider IEC Group, Inc., dba AmeriBen, recently submitted an email…