To avoid the propagation of the coronavirus, plenty of businesses are allowing their employees to work from home. Though this measure is crucial for lessening…

HIMSS Media together with Mimecast lately publicized research that showed that for the last 12 month time period, 90% of healthcare companies have suffered no…

Walgreens began informing clients concerning the probable access of their protected health information (PHI) by other persons due to a mistake in the Walgreens mobile…

The American Medical Association (AMA) has released another HIPAA playbook to guide doctors and their practices have an understanding of the HIPAA Right of Access…

The Countrywide Institute of Standards and Technology (NIST) has published its most current draft guidance document regarding cyber supply chain risk management. The intent of…

A new Comparitech study has disclosed the magnitude of ransomware attacks on healthcare companies and their actual price on the healthcare sector. The study pointed…

Manchester Ophthalmology in Connecticut encountered a cyberattack that made it possible for attackers to get access to patient information. Employees of the eyecare provider spotted…

The cybersecurity company Proofpoint published its 2020 State of the Phish report, which revealed that 65% of companies in the U.S. (55% worldwide) had at…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an advisory regarding the rise of Emotet malware attacks lately. The first discovery of Emotet was…

To avoid critical vulnerabilities exploitation, Microsoft has introduced patches to be used on all supported Windows versions that require prompt attention. Though there’s no report…

Data breaches in the healthcare sector are occurring more frequently now than in the past. In 2019, the HHS’ Office for Civil Rights got 494…

Sinai Health System in Chicago learned about the compromise of the email accounts of two employees after they responded to phishing emails. It is not…

The Northern District of Alabama filed legal action against DCH Health System in the Western Division of U.S. District Court with regards to a ransomware…

Unauthorized people accessed the email accounts of a number of employees of Conway Medical Center based in South Carolina. Conway Medical Center detected the phishing…

A data protection authority in Germany issued to 1&1 Telecommunications one of the biggest GDPR penalties. The fine was issued to the telecommunications and hosting…

U.S. Sen. Maria Cantwell (D-Washington) has introduced a federal law providing U.S. citizens with new rights regarding their personal information. The Consumer Online Privacy Rights…

The 8th HIPAA financial penalty of 2019 has been publicized by the Department of Health and Human Services’ Office for Civil Rights (OCR). Sentara Hospitals…

The University of Rochester Medical Center (URMC) spent $3 million on payment to OCR for the HIPAA penalty over its failure to use encryption on…

The recently released Proofpoint Q3 2019 Threat Report provides information regarding the major threats in Q3 of 2019 and shows the evolving strategies, techniques, and…

A misconfiguration of the billing system of Texas Health Resources resulted in the impermissible disclosure of 82,577 of its patients’ health information. Texas Health Resources…

Premier Family Medicine is in the process of notifying 320,000 individuals that their protected health information may have been compromised following a cybersecurity incident. The…

A mailing error at Alive Hospice has resulted in breach notification letters informing patients of a May 2019 cybersecurity incident being sent to the incorrect…

A cybersecurity incident at Rhode Island Ear, Nose and Throat Physicians Inc. (RIENT) has resulted in the protected health information (PHI) of 3,000 patients being…

Adirondack Health has revealed that a cyberattack on their facility may have compromised the protected health information (PHI) of 25,000 individuals.  Adirondack Health, based in…

A former employee of the University of Pittsburgh Medical Center (UPMC) has been indicted by a federal grand jury and has been sentenced to serve…

A data breach at Mercy Health has impacted nearly 1,000 patients. The non-profit healthcare system in west Michigan, discovered that some protected health information (PHI)…

Rosenbaum Dental Group has revealed that it recently suffered a malware attack which potentially compromised the protected health information (PHI) of 1,200 individuals. Rosenbaum Dental…

Oregon State Hospital is preparing to notify patients that their protected health information (PHI) may have been compromised due to an employee responding to a…

An employee email error at Independent Health has resulted in the PHI of 7,600 health plan members being compromised. Independent Health, based in Amherst, MA,…

CynergisTek has released a report which reveals that a significant number of healthcare organisations fail to comply with important pieces of healthcare legislation, including HIPAA’s…

Burrell Behavioral Health has revealed that a business associate’s error has compromised the data of 70,000 patients. The error occurred in August 2018. The business…

Maffi Clinics, Arizona, have revealed that a ransomware attack on their servers compromised the files of nearly 10,500 patients. Maffi Clinics, a network of 5…

Chicago’s Northwestern Memorial Hospital have had to fire up to 60 employees for accessing Jussie Smollett’s medical records without correct authorisation to do so. Jussie…

The University of Washington School of Medicine (UW Medicine) has announced that an IT error has resulted in the exposure of 974,000 patient data files…

Anesthesia Associates of Kansas City has announced that surgery schedules containing patient information were stolen from one of their employee’s vehicles last December. The employee,…

A warning has been issued about vulnerabilities affecting Dräger Infinity Delta patient monitoring devices. The warning was issued by Department of Homeland Security (DHS) United…

BJC HealthCare have announced that the details of nearly 6,000 credit cards were compromised following a cybersecurity incident. BJC HealthCare, based in Missouri, discovered the…

Mind & Motion Developmental Centers have revealed that they have been the victims of a ransomware attack on their servers. Mind & Motion Developmental Centers,…

A North Texas mental health services provider has announced that the sensitive files of over 1,800 patients have been compromised in a phishing attack. Metrocare…

A former IT worker at a New Jersey medical centre has been sentenced to 5 years’ probation for the theft of IT equipment that stored…

On June 29, 2018, the Department of Justice announced that a former patient information coordinator has been indicted by a federal grand jury for violations…

The District court has ruled that patients have no right to take legal action for HIPAA violation. That is to say that there is no…

Washington Health Systems has suspended several of their staff members following allegations that they accessed patient health records without authorisation. The privacy breach is currently…

A recent survey on the use of mobile technology in medical situations has shown that 90% of hospitals and 94% of physicians have adopted mobile…

Recently, several lawsuits have been filed in relation to alleged breaches of Health Insurance Portability and Accountability Act (HIPAA) Rules. Here, we provide an overview…

In a recent statement, the Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded covered entities (CEs) that HIPAA compliance requires…

Earlier this month, LifeBridge Health, a Baltimore-based healthcare provider, made a statement announcing that it had discovered a data breach in their organisation. An initial…

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (DHS ICS-CERT) have issued warnings to healthcare providers about vulnerabilities in several medical…

In a recent statement the gastroenterology group Capital Digestive Care, based in Silver Spring, Maryland, announced that they have discovered a data breach in their…

Wombat Security has recently published a report which has revealed that employees in the healthcare industry have a lack of understanding and awareness about common…

Researchers Vanderbilt University, Tennessee, have released a study into the effects that breaches of healthcare data have on the affected individual’s health. The results of…

Earlier this month, the National Institute of Standards and Technology updated its Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) with new guidelines and advice…

A former receptionist at a New York dental practice has convicted of stealing the protected health information (PHI) of 653 patients at her formed place…

The telecommunications company Verizon has released its annual Protected Health Information Breach Report. This report offers a detailed analysis into the main causes of breaches,…

In the first quarter of 2018, 77 healthcare data breaches were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR)….

To serve as a deterrent, the penalties for HIPAA violations can be severe. Violations by employees can attract a fine of up to $250,000 with…

The Ponemon Institute, which conducts research on privacy, data protection, and information security, has released the results of a survey of data breaches in healthcare…

The New York Attorney General has just announced a settlement with EmblemHealth for $575,000 following a HIPAA breach at the organisation in 2016. The breach…

Protenus, an organisation which aims to help healthcare organisations protect private patient data, regularly releases “Healthcare Breach Barometer” reports which compile their intelligence on healthcare…

The Post and Courier, the South Carolina newspaper, has released a report stating the Medical University of South Carolina (MUSC) terminated 13 employees last year…

The University of Virginia Health System has notified nearly 2,000 patents that a hacker has used malware to gain access to their protected health information…

The deputy director for health information privacy at the Department of Health and Human Services’ Office for Civil Rights, Iliana Peters, as just announced that…

In a recent announcement, Decatur County General Hospital in Tennessee revealed that it has been the victim of a cyberattack on their systems. Malware was…

Vanson Bourne, a research company, has published a report on the nature of ransomware attacks entitled “The State of Endpoint Security Today”. The report has…

In July 2017, Aetna, a health care company, accidentally violated HIPAA Rules when it sent mail to members in which details of HIV medications were…

Earlier this month, CIOX Health, a medical record retrieval company, announced that it was suing the Department of Health and Human Services. The reason for…

In 2017, more than 5.3 million residents of North Carolina were reported to be victims of breaches of private data. In response to this alarming…

The Department of Health and Human Services has published its final rule on the Confidentiality of Substance Use Disorder Patient Records. This rule brings significant…

An employee of Washington Hospital has been fired after taking pictures of a female patient’s genitals while she was unconscious. The patient, identified in the…

Multi-State Billing Services (MBS) has reached a $100,000 settlement with the Massachusetts Attorney General’s office following a data breach which occurred in 2014. The data…

In April 2016, the Oklahoma Department of Human Services experienced a data breach which affected 47,000 people. In accordance with HIPAA’s Breach Notification Rule, notifications…

The Department of Health and Human Services has announced that it is looking for volunteers for their HIPAA Administrative Simplification Optimization Project Pilot. Volunteers who…

Cottage Health, a health providers based in Santa Barbara, has settled for $2 million with California attorney general’s office. Cottage Health was investigated by the…

A man linked who used the name “TheDarkOverlord” has been sentenced to serve three years in jail for fraud and blackmail offences at the Southwark…

Alex Azar, the former Deputy Secretary of the Department of Health and Human Services, is the favourite to take over from former Secretary Tom Price…

Risk Based Security (RBS), a provider risk analysis tools and data breach information, has released a report analysing the data breaches which have occurred in…

In October, Deputy Director for Health Information Privacy at the Department of Health and Human Services’ Office for Civil Rights (OCR), Deven McGraw, has resigned…

In February 2017, Lincare Holdings Inc., a supplier of home respiratory therapy products, experienced a breach of sensitive employee data. The breach involved the exposure…

The Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in California. The waiver…

Researchers at Kromtech Security, a security software company, have identified Amazon S3 bucket used by a HIPAA-covered entity. Amazon S3 buckets are a type of…

The attack at the Las Vegas music festival earlier this month has prompted the Department of Health and Human Services’ Office for Civil Rights to…