Phishing Attacks at Magellan Health Subsidiaries Impact 56,226 Presbyterian Health Plan Subscribers
Sep18

Phishing Attacks at Magellan Health Subsidiaries Impact 56,226 Presbyterian Health Plan Subscribers

Magellan Health, based in Scottsdale, Arizona, has revealed that discovered two of its subsidiaries have experienced phishing attacks that exposed the protected health information of members of Albuquerque, NM-based Presbyterian Health Plan. The phishing attacks were identified by National Imaging Associates and Magellan Healthcare, which both supply services to Presbyterian Health Plan. Both incidents were reported to the Department...

Read More
First HIPAA Violation Case Under 2019 Right of Access Initiative Settled by OCR
Sep16

First HIPAA Violation Case Under 2019 Right of Access Initiative Settled by OCR

Earlier in 2019, the Department of Health and Human Services’ Office for Civil Rights (OCR) revealed that one of the main focuses of HIPAA enforcement in 2019 would be HIPAA right of access failures, including untimely responses to access requests and overcharging for copies of medical data. The HIPAA right of access permits patients to obtain copies of their medical records on request. HIPAA-covered entities must honor those requests...

Read More
Unsecured Online PACS makes 400 Million Medical Images Freely Accessible
Sep11

Unsecured Online PACS makes 400 Million Medical Images Freely Accessible

Following a recently completed investigation by ProPublica, the German public broadcaster Bayerischer Rundfunk, and vulnerability and analysis company, Greenbone Networks has stated that 24.3 million medical images included in image storage systems are freely accessible on the Internet and require no authentication to view or install the images. Those images, which include X-rays, MRI, and CT scans, are held in picture archiving and...

Read More
UC Health Phishing Attack Affects Multiple Email Accounts
Sep10

UC Health Phishing Attack Affects Multiple Email Accounts

University of Cincinnati Health (UC Health) is looking into a security breach that saw the email accounts of multiple employees accessed by an unauthorized person The attack took place between July 6 and July 12, 2019 and involved ‘a limited number’ of employee email accounts. A review of the compromised email accounts revealed they included patients’ names, birth dates, medical record numbers, and some clinical data. A deep dive...

Read More

13,905 Patients Targeted in Artesia General Hospital Phishing Attack

Artesia General Hospital, located in Artesia New Mexico, has stated that protected health information (PHI) of 13,905 patients has been illegally accessed in a planned phishing attack. The breach was discovered when an employee’s email account was seen to have been used to send unauthorized emails. The breach was first noticed on June 18, 2019 and the forensic analysis revealed the account had been accessed by an unauthorized person...

Read More