Cascade Eye and Skin Centers Pays $250,000 to Settle Alleged HIPAA Violations
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has reached a $250,000 settlement with Cascade Eye and Skin Centers, P.C.,…
Read MoreThe Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has reached a $250,000 settlement with Cascade Eye and Skin Centers, P.C.,…
Read MoreOctaPharma Plasma Donation Centers Shut Down While Investigating Ransomware Attack The Swiss pharmaceutical company, Octapharma Plasma, encountered a cyberattack that impacted the systems at 190…
Epic Systems has shut down access to information for a startup company called Particle Health after it alleged that the company was disclosing patient information…
Over 547,000 People Impacted by The Chattanooga Heart Institute Cyberattack on April 2023 The Chattanooga Heart Institute has found out that its April 2023 cyberattack…
Aveanna Healthcare Email Account Breach Home health and hospice care provider, Aveanna Healthcare based in Atlanta, GA, announced a security breach of its email environment…
Credential Harvesting Mitigations Shared by HHS The Health Sector Cybersecurity Coordination Center (HC3) has published a healthcare and public health (HPH) sector advisory concerning credential…
Data Breach at Weirton Medical Center in West Virginia Weirton Medical Center based in West Virginia discovered suspicious activity inside its computer system on January…
HSCC’s 5-Year Strategic Program for Strengthening Healthcare Cybersecurity Healthcare cyberattacks are increasing in number and intensity every year. In 2023, around 740 healthcare data breach…
177,000 Patients Affected by Northeast Orthopedics and Sports Medicine Breach Northeast Orthopedics and Sports Medicine located in Nanuet, NY recently announced a cyberattack that affected…
Apria Healthcare Faces Lawsuit Over HIPAA Violations Indiana Attorney General Todd Rokita is taking legal action against Apria Healthcare for violating the Health Insurance Portability…
Vulnerabilities identified in the remote desktop software ConnectWise ScreenConnect are being exploited to deliver a selection of different malicious payloads into enterprise environments. ConnectWise first…
The Department of Health and Human Services (HHS) Office for Civil Rights has filed its annual report to Congress about compliance with the HIPAA Privacy,…
U.S. Senator Ron Wyden (D-OR) wrote to the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) requiring action to safeguard customers and…
The Government Accountability Office (GAO) has discovered that many federal agencies that deal with risk for critical infrastructure sectors have evaluated or intend to monitor…
462,000 Hawaiians Impacted by the Navvis & Company Data Breach Around 462,000 people who signed up for health plans with the Hawaii Medical Service Association…
133K Records Exposed at Columbus Regional Healthcare System Columbus Regional Healthcare System in Whiteville, NC, submitted a report to the Maine Attorney General concerning a…
HMG Healthcare Data Breach Impacts 80,000 People Healthcare services provider HMG Healthcare, LLC based in Texas recently reported the exposure and potential theft of the…
Integris Health is facing some class action lawsuits because of a recent cyberattack that resulted in a data breach. Although there’s no confirmation yet from…
ProSmile Holdings Patients Affected by July 2022 Data Breach Dental service organization ProSmile Holdings, LLC in New Jersey, notified patients on December 22, 2023, regarding…
About 6 lawsuits were filed against the Fred Hutchinson Cancer Center because of a cyberattack and data breach that happened on the Thanksgiving weekend of…
Heart of Texas Behavioral Health Network Cyberattack The Heart of Texas Behavioral Health Network (HOTBHN), previously known as the Heart of Texas Region MHMR Center, helps…
Under the HIPAA Privacy Rule, PHI can only be given out after obtaining written authorization from the patient, except in specific circumstances such as treatment,…
Cyberattack on Proliance Surgeons Surgical group Proliance Surgeons based in Seattle, WA has approximately 100 centers in Washington state. It sent notification letters to 437,392…
$80,000 HIPAA Fine Paid by St. Joseph’s Medical Center for Disclosing PHI to a Reporter The Department of Health and Human Services (HHS) Office for…
Potential Cyberattack on Daviess Community Hospital Daviess Community Hospital, which is affiliated with Ascension St. Vincent Hospital based in Washington, IN, reported that it started…
Financial Asset Management Systems and The Harris Center for Mental Health announced their encounter with ransomware attacks. Munsen Healthcare is looking into a cyberattack on…
Okta Affected by Third-Party Vendor Incident and Customer Support System Breach Cloud identity and access management solutions provider, Okta, based in San Francisco has confirmed…
Cyberattack on the University of Michigan Health Service and School of Dentistry The University of Michigan (UM) has recently reported that it encountered a cyberattack…
What is OSHA Certification? OSHA certification is an acknowledgment employees get for finishing training courses in OSHA’s Safety and Health Fundamentals Program. A number of…
Blackbaud and 49 states and the District Of Columbia have agreed on a $49.5 million settlement to take care of accusations of inadequate data security…
Broomfield Skilled Nursing and Rehabilitation Center has reached a settlement with the Colorado Attorney General over the supposed HIPAA violation and Colorado’s data protection rules…
The cloud is replacing on-premises infrastructures, however, healthcare continues to lag compared to other industries for cloud usage. Cloud usage has expanded in medical care…
Email Incident at AmeriBen Exposed the PHI of About 75,000 People Medical benefits administration services provider IEC Group, Inc., dba AmeriBen, recently submitted an email…
Senator Seeks Information on How to Improve Health Data Privacy Senator Bill Cassidy (R-LA), who is a member of the U.S. Senate Committee on Health,…
The U.S. Department of Labor (DOL) recently issued a Notice of Proposed Rulemaking (NPRM) that proposes changes to the existing Occupational Safety and Health Administration…
Is Website Metadata Really Controlled by HIPAA The HHS’ Office for Civil Rights introduced guidance in 2022 about HIPAA and website tracking technologies and stated…
Singing River Health System located in Mississippi, which manages Ocean Springs Hospital, Pascagoula Hospital, and Gulfport Hospital, noticed strange activity inside its IT network last…
There are a lot of advantages that have resulted from HIPAA, the most widely known of which are enhancing privacy security for patients and enhancing…
Advocate Aurora Health Pays $12.25 Million to Settle Pixel Lawsuit Advocate Aurora Health has offered to pay $12.25 million as a settlement of a consolidated…
LockBit Ransomware Group Threatens to Expose Stolen Cancer Patient Information The LockBit ransomware group included Varian Medical Systems to its data leak website and made…
24,400 Rite Aid Customers Had Personal Information Compromised in May Cyberattack Rite Aid has reported the theft of the protected health information (PHI) of about…
98,000 UT Southwestern Medical Center Patients Affected by MOVEit Cyberattack UT Southwestern Medical Center (UTSW) has reported the theft of the protected health information (PHI)…
The Occupational Safety and Health Administration (OSHA) has given details on the health and safety failures of two hospitals that resulted in about $24,000 in…
ARx Patient Solutions Reports Email Account Breach from 2022 Healthcare provider ARx Patient Solutions, based in Kansas lately informed the Maine Attorney General regarding a…
Kannact & Vincera Institute Encounter Cyberattacks Home care service provider, Kannact Inc. based in Albany, OR, states it discovered unauthorized access to its computer system…
Washington Hospital Pays $240,000 HIPAA Fine for Security Guards’ Medical Records Access All reported protected health information (PHI) breaches involving 500 or more people and…
Mistrial Announced in Criminal HIPAA Prosecution of Doctors Who Shared PHI with Undercover FBI Agent The prosecution of two physicians charged with criminal HIPAA violations…
In case your HIPAA-covered company is intending to use Microsoft Teams to collect, save, share, or send electronic PHI, you must understand how to make…
Cyberattack Affected 28,000 Clarke County Hospital Patients Clarke County Hospital based in Osceola, IA, began informing 28,003 present and past patients concerning a security breach…
The Federal Trade Commission (FTC) has suggested adjustments to the Health Breach Notification Rule to reinforce the applicability of the Rule to health applications and…
Oklahoma Institute of Allergy Asthma and Immunology Stops Operations After Cyberattack The Oklahoma Institute of Allergy Asthma and Immunology was compelled to stop trading as…
When the Health Insurance Portability and Accountability Act (HIPAA) became law in 1996, the Department of Health and Human Services (HHS) was required to create…
A new survey involving IT decision makers provided information about password management practices and the growing adoption of passwordless authentication. Password manager provider, Bitwarden, had…
Insight Global Settles Class Action Data Breach Lawsuit Insight Global LLC has made a decision to resolve a class action lawsuit associated with an April…
Employer Pays $15,000 Damages for Firing a COVID-19 Whistleblower An employee got fired for pointing out COVID-19 safety concerns. But now he will get $15,000…
The home healthcare provider based in White Plains, NY, Unlimited Care Inc., suffered a cyberattack that disrupted its system on February 16, 2023. Unlimited Care…
Montgomery General Hospital Suffers Ransomware Attack and Data Leak Montgomery General Hospital located in West Virginia encountered a cyberattack that allowed unauthorized persons to access…
20% of Ransomware Attacks Involve Victim Harassment Ransomware groups are more and more omitting file encryption and are focusing on data theft and extortion tactics,…
The Health Sector Cybersecurity Coordination Center (HC3) has provided threat intelligence advice regarding the Black Basta ransomware group to aid network defenders to avoid and…
CISA and the FBI published a joint cybersecurity advisory and shared information about the tactics, techniques, and procedures (TTPs) utilized by the Royal ransomware group…
The Federal Trade Commission (FTC) has reported that it has reached a settlement with BetterHelp Inc., an online counseling service provider based in California, to…
Hacking Incident at The Hutchinson Clinic in December 2022 The healthcare company The Hutchinson Clinic based in Hutchinson, KS lately reported that hackers gained access…
Hacking and Data Theft Incident at CentraState Healthcare System CentraState Healthcare System based in Freehold Township, NJ has just reported that unauthorized individuals breached its…
$3 Million Settlement Offered to Resolve 20/20 Eye Care Network Data Breach Lawsuit iCare Acquisitions has offered to pay $3 million to settle claims from…
Healthcare providers are spending on cybersecurity to enhance their protection against increasing and more sophisticated cyberattacks. Even with the improvements in an organization’s security posture,…
Whenever a data breach happens and sensitive data is exposed, the HIPAA Breach Notification Rule demands the notification of affected persons. The FTC Health Breach…
Ransomware groups are earning less from their cyberattacks as fewer victims pay ransoms to acquire the decryption keys and keep the stolen information from publicity,…
A Washington therapist, Robert S. Miller LICSW, ACSW (RSM), lately informed 640 present and past clients concerning a phishing attack that led to the compromise…
Healthcare ransomware attacks have doubled in the last 5 years, data restoration from backups has lessened, and it is now typical for information to be…
A lot of ransomware attacks remain performed on healthcare providers, however, identifying the magnitude to which healthcare companies are being targeted by ransomware attackers is…
Plaintiffs in a combined class action lawsuit against Meta recently sought an injunction versus Meta to make the company stop getting and transmitting information accumulated…
Passwords can give a good level of security, yet oftentimes end users pick poor passwords that don’t make it difficult for attackers. Plenty of the…
Cyberattacks have grown in frequency and complexity to the point that all healthcare organizations are likely to experience a successful attack sooner or later. It…
The Health Sector Cybersecurity Coordination Center (HC3) has published an alert to the healthcare and public health (HPH) sector concerning Royal ransomware attacks. This new…
A Notice of Proposed Rulemaking (NPRM) has been released by the Department of Health and Human Services (HHS) and the Substance Abuse and Mental Health…
The U.S. Department of Justice has charged 10 people with business email compromise scams that brought about losses of over $11.1 million from Medicare, Medicaid,…
CorrectCare Integrated Health, a medical claims processor, lately informed its clients about the accidental exposure of the protected health information (PHI) of a number of…
The federal government has released an alert to the healthcare industry concerning the danger of cyberattacks conducted by Iranian threat actors. Iranian state-sponsored actors do…
The OpenSSL Project stated recently that it would release a patch on November 1, 2022, to fix a critical OpenSLL vulnerability. Information on how to…
Database Misconfiguration at Delaware Department of Health and Social Services The Delaware Department of Health and Social Services, Division of Developmental Disabilities Services (DDDS) has…
Lifespire Services located in New York provides people with developmental handicaps healthcare services. The company initially reported a security incident in April 2022 and now…
Threat actors commonly use living-off-the-land techniques for performing reconnaissance, privilege elevation, persistence, and moving laterally inside networks undiscovered. Similar software and security resources employed by…
An affiliate of the notorious Netwalker ransomware group was sentenced to 20 years in prison because of taking part in ransomware attacks on U.S. companies….
The Health Sector Cybersecurity Coordination Center (HC3) has given an alert concerning the Chinese state-sponsored threat actor monitored as APT41. This threat group has been…
Lubbock Heart & Surgical Hospital based in Texas lately reported its encounter with a hacking incident that disrupted the operations of part of its IT…
Ambry Genetics has made a decision to resolve a class action lawsuit that was because of a breach of the protected health information (PHI) of…
The Michigan law firm, Warner Norcross and Judd LLP, has released notification letters to 255,160 persons informing them about a data breach in October 2021…
First Street Family Health located in Salida, CO has experienced a dangerous cyberattack that led to the exfiltration of files composed of patient data and…
The California Department of Corrections and Rehabilitation (CDCR) has just learned that unauthorized persons have acquired access to its information systems. The affected system stored…
A digital marketing and analytics firm located in Idaho filed a lawsuit against the Federal Trade Commission for allegedly violating the Federal Trade Commission (FTC)…
Zenith American Solutions, the Sound Health and Wellness Trust’s third-party administrator, just informed people concerning a mailing error that exposed the Social Security numbers of…
Cyberattacks on companies are growing year after year in all industries. Cyberattacks that involve third parties likewise increased. From the viewpoint of a cyber attacker,…