University of Cincinnati Medical Center HIPAA Right of Access Failure Results in $65,000 Fine
The 18th HIPAA financial penalty of 2020, the 12th fine under its HIPAA Right of Access enforcement initiative, has been revealed by HHS’ Office for Civil Rights. The most recent HIPAA fine of $65,000 was sanctioned against the University of Cincinnati Medical Center, LLC (UCMC) and grew out of a complaint submitted by OCR on May 30, 2019 from a patient who had issued a request to UCMC on February 22, 2019 seeking an electronic copy...
U.S. Data Breach Impacts 829,454 Luxottica Patients
The largest eyewear firm globally, Luxottica, has had a number of its web portals targeted in a cyberattack that has resulted in a breach of the private data of over 800,000 patients. Luxottica makes designer eyewear for numerous renowned fashion brands and owns many famous eyewear brands such as Ray-Ban. The group also manages the EyeMed vision benefits company and collaborates with LensCrafters, Target Optical, EyeMed, Pearle...
Saint Francis Healthcare Data Breach Lawsuit Settled for $350,000
In relation to September 2019 ransomware attack on Ferguson Medical Group (FMG), a $350,000 settlement has been reached between Saint Francis Healthcare System and patients impacted by the attack. FMG was purchased by Saint Francis after a cyberattack resulted in many important records being inaccessible. They tried to retrieve all impacted records via backups, though some were could no be rescued. These files included medical...
10th HIPAA Fine Under Right of Access Initiative Revealed by Office for Civil Rights
The 10th financial penalty under its HIPAA Right of Access enforcement initiative has been revealed by the U.S. Department of Health and Human Services’ Office for Civil Rights. California-based Riverside Psychiatric Medical Group has committed to paying a financial penalty of $25,000 to settle a possible HIPAA Right of Access breach and will implement a corrective action plan to see to it that compliance with this provision of the...
City of New Haven Fined €202,000 for Failure to Terminate Former Employee’s Access Rights
In Connecticut the City of New Haven has committed to paying a $203,400 financial penalty to the Department of Health and Human Services’ office for Civil Rights to compensate for a HIPAA violation case. An OCR investigation was initiated in May 2017 following a receipt of data breach notification originating in New Haven on January 24. OCR investigated if the City of New Haven was responsible for HIPAA violations. Following this...