Email Security Breaches at Relation Insurance & Rainbow Hospice Care Experience
Mar09

Email Security Breaches at Relation Insurance & Rainbow Hospice Care Experience

Relational Insurance Inc., an insurance brokerage company operating as Relation Insurance Services of Georgia (RISG), suffered an email security breach in August 2019. An unauthorized person was discovered to have obtained access to the email account of an employee and possibly accessed or copied emails that included protected health information (PHI). The breach was discovered on August 15, 2019 when suspicious activity was noticed...

Read More
Vulnerability in Walgreens Mobile App Secure Messaging Feature Made PHI Accessible
Mar06

Vulnerability in Walgreens Mobile App Secure Messaging Feature Made PHI Accessible

Walgreens has started contacting customers to make them aware that a portion of their protected health information may have been accessed by unauthorized individual due to an error in the personal secure messaging feature of the Walgreens mobile app. The secure messaging app includes a feature that allows registered customers to manage and receive SMS prescription refill notifications and deals and coupons. A vulnerability in the app...

Read More
Google’s Response was Deemed Incomplete by Ascension
Mar03

Google’s Response was Deemed Incomplete by Ascension

After it became public that a massive amount of patient data had been shared with Google by the Catholic health system Ascension, the second biggest health system in the United States, a bipartisan group of Senators – Sen. Bill Cassidy, M.D., (R-LA), Elizabeth Warren (D-MA), and Richard Blumenthal (D-CT) – wrote to Google asking for answers about the nature of the agreements and the data the company received. Ascension manages 150...

Read More
Final Approval Given for Quest Diagnostics 2016 Data Breach Settlement
Mar03

Final Approval Given for Quest Diagnostics 2016 Data Breach Settlement

A federal judge has given final approval to a settlement in a class action lawsuit filed against the New Jersey-based medical laboratory firm, Quest Diagnostics Inc., in relation to its 2016 data breach. The $195,000 settlement will see up to $325 compensation made available for each person impacted by the breach. On November 26, 2016 hackers obtained access to the Care360 MyQuest mobile app that is used by patients to store and share...

Read More
First HIPAA Penalty of 2020 Announced by HHS’ Office for Civil Rights
Mar02

First HIPAA Penalty of 2020 Announced by HHS’ Office for Civil Rights

The first HIPAA penalty of 2020 has been announced by the Department of Health and Human Services’ Office for Civil Rights (OCR) and has been sanctioned against the medical practice of Steven A. Porter, M.D. The practice has agreed to pay a fine of $100,000 to resolve possible breaches of the HIPAA Security Rule and will implement a corrective action plan to tackle all areas of noncompliance discovered during the compliance audit. Dr....

Read More