CynergisTek has released a report which reveals that a significant number of healthcare organisations fail to comply with important pieces of healthcare legislation, including HIPAA’s…

Burrell Behavioral Health has revealed that a business associate’s error has compromised the data of 70,000 patients. The error occurred in August 2018. The business…

Maffi Clinics, Arizona, have revealed that a ransomware attack on their servers compromised the files of nearly 10,500 patients. Maffi Clinics, a network of 5…

Chicago’s Northwestern Memorial Hospital have had to fire up to 60 employees for accessing Jussie Smollett’s medical records without correct authorisation to do so. Jussie…

The University of Washington School of Medicine (UW Medicine) has announced that an IT error has resulted in the exposure of 974,000 patient data files…

Anesthesia Associates of Kansas City has announced that surgery schedules containing patient information were stolen from one of their employee’s vehicles last December. The employee,…

A warning has been issued about vulnerabilities affecting Dräger Infinity Delta patient monitoring devices. The warning was issued by Department of Homeland Security (DHS) United…

BJC HealthCare have announced that the details of nearly 6,000 credit cards were compromised following a cybersecurity incident. BJC HealthCare, based in Missouri, discovered the…

Mind & Motion Developmental Centers have revealed that they have been the victims of a ransomware attack on their servers. Mind & Motion Developmental Centers,…

A North Texas mental health services provider has announced that the sensitive files of over 1,800 patients have been compromised in a phishing attack. Metrocare…

A former IT worker at a New Jersey medical centre has been sentenced to 5 years’ probation for the theft of IT equipment that stored…

On June 29, 2018, the Department of Justice announced that a former patient information coordinator has been indicted by a federal grand jury for violations…

The District court has ruled that patients have no right to take legal action for HIPAA violation. That is to say that there is no…

Washington Health Systems has suspended several of their staff members following allegations that they accessed patient health records without authorisation. The privacy breach is currently…

A recent survey on the use of mobile technology in medical situations has shown that 90% of hospitals and 94% of physicians have adopted mobile…

Recently, several lawsuits have been filed in relation to alleged breaches of Health Insurance Portability and Accountability Act (HIPAA) Rules. Here, we provide an overview…

In a recent statement, the Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded covered entities (CEs) that HIPAA compliance requires…

Earlier this month, LifeBridge Health, a Baltimore-based healthcare provider, made a statement announcing that it had discovered a data breach in their organisation. An initial…

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (DHS ICS-CERT) have issued warnings to healthcare providers about vulnerabilities in several medical…

In a recent statement the gastroenterology group Capital Digestive Care, based in Silver Spring, Maryland, announced that they have discovered a data breach in their…

Wombat Security has recently published a report which has revealed that employees in the healthcare industry have a lack of understanding and awareness about common…

Researchers Vanderbilt University, Tennessee, have released a study into the effects that breaches of healthcare data have on the affected individual’s health. The results of…

Earlier this month, the National Institute of Standards and Technology updated its Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) with new guidelines and advice…

A former receptionist at a New York dental practice has convicted of stealing the protected health information (PHI) of 653 patients at her formed place…

The telecommunications company Verizon has released its annual Protected Health Information Breach Report. This report offers a detailed analysis into the main causes of breaches,…

In the first quarter of 2018, 77 healthcare data breaches were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR)….

To serve as a deterrent, the penalties for HIPAA violations can be severe. Violations by employees can attract a fine of up to $250,000 with…

The Ponemon Institute, which conducts research on privacy, data protection, and information security, has released the results of a survey of data breaches in healthcare…

The New York Attorney General has just announced a settlement with EmblemHealth for $575,000 following a HIPAA breach at the organisation in 2016. The breach…

Protenus, an organisation which aims to help healthcare organisations protect private patient data, regularly releases “Healthcare Breach Barometer” reports which compile their intelligence on healthcare…

The Post and Courier, the South Carolina newspaper, has released a report stating the Medical University of South Carolina (MUSC) terminated 13 employees last year…

The University of Virginia Health System has notified nearly 2,000 patents that a hacker has used malware to gain access to their protected health information…

The deputy director for health information privacy at the Department of Health and Human Services’ Office for Civil Rights, Iliana Peters, as just announced that…

In a recent announcement, Decatur County General Hospital in Tennessee revealed that it has been the victim of a cyberattack on their systems. Malware was…

Vanson Bourne, a research company, has published a report on the nature of ransomware attacks entitled “The State of Endpoint Security Today”. The report has…

In July 2017, Aetna, a health care company, accidentally violated HIPAA Rules when it sent mail to members in which details of HIV medications were…

Earlier this month, CIOX Health, a medical record retrieval company, announced that it was suing the Department of Health and Human Services. The reason for…

In 2017, more than 5.3 million residents of North Carolina were reported to be victims of breaches of private data. In response to this alarming…

The Department of Health and Human Services has published its final rule on the Confidentiality of Substance Use Disorder Patient Records. This rule brings significant…

An employee of Washington Hospital has been fired after taking pictures of a female patient’s genitals while she was unconscious. The patient, identified in the…

Multi-State Billing Services (MBS) has reached a $100,000 settlement with the Massachusetts Attorney General’s office following a data breach which occurred in 2014. The data…

In April 2016, the Oklahoma Department of Human Services experienced a data breach which affected 47,000 people. In accordance with HIPAA’s Breach Notification Rule, notifications…

The Department of Health and Human Services has announced that it is looking for volunteers for their HIPAA Administrative Simplification Optimization Project Pilot. Volunteers who…

Cottage Health, a health providers based in Santa Barbara, has settled for $2 million with California attorney general’s office. Cottage Health was investigated by the…

A man linked who used the name “TheDarkOverlord” has been sentenced to serve three years in jail for fraud and blackmail offences at the Southwark…

Alex Azar, the former Deputy Secretary of the Department of Health and Human Services, is the favourite to take over from former Secretary Tom Price…

Risk Based Security (RBS), a provider risk analysis tools and data breach information, has released a report analysing the data breaches which have occurred in…

In October, Deputy Director for Health Information Privacy at the Department of Health and Human Services’ Office for Civil Rights (OCR), Deven McGraw, has resigned…

In February 2017, Lincare Holdings Inc., a supplier of home respiratory therapy products, experienced a breach of sensitive employee data. The breach involved the exposure…

The Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in California. The waiver…

Researchers at Kromtech Security, a security software company, have identified Amazon S3 bucket used by a HIPAA-covered entity. Amazon S3 buckets are a type of…

The attack at the Las Vegas music festival earlier this month has prompted the Department of Health and Human Services’ Office for Civil Rights to…

Having served less than eight months in the role, as Secretary of the U.S. Department of Health and Human Services for Tom Price is the…

Cofense, a security software company formally known as PhishMe, recently conducted a survey which discovered that organizations from many different sectors are finding themselves unable…

The United States government has announced a public health emergency in areas of the US Virgin Islands, Puerto Rico, and Florida affected by Hurricane Irma….

In addition to dealing with the devastating aftermath of Hurricane Harvey, hospitals in Texas and Louisiana had to ensure medical staff continue to comply with…

The Director of the Department of Health and Human Services’ Office for Civil Rights (OCR), Roger Severino, expressed his desires to find a suitably large…

Aetna, a health care company, faces a class action lawsuit following a privacy breach that saw the HIV positive status of up to 12,000 accidentally…

Delaware now has the strictest breach notification requirements of any state following the first amendment to its data breach notification law in a decade. The…

Senators Joe Manchin and Shelley Moore Capito, both of West Virginia, have announced that Jessie’s Law has been passed by the Senate. The legislation was…

Beazley, a specialist insurance company, its July 2017 Insights report. The twice-yearly report examines the causes of data breaches experienced by its clients. This report…