December 20, 2024 The New HIPAA NCPDP Retail Pharmacy & Medicaid Pharmacy Subrogation Standard The U.S. Department of Health and Human Services has issued a final rule with changes to the Health Insurance Portability and Accountability Act (HIPAA) National ... Read more
December 16, 2024 Colorado Children’s Hospital to Pay OCR $548,265 Penalty to Settle HIPAA Violations The HHS’ Office for Civil Rights (OCR) has reported its 7th civil monetary penalty for HIPAA violation by a covered entity this 2024. This case ... Read more
November 14, 2024 First HIPAA Risk Analysis Enforcement Initiative Financial Penalty Issued by OCR The HHS Office for Civil Rights (OCR) reported its second settlement involving a ransomware-related HIPAA violation. This settlement is the first HIPAA enforcement action under ... Read more
October 30, 2024 Cyberattack on Omni Family Health Results in Data Breach Healthcare provider Omni Family Health manages facilities located in Kern, Kings, Tulare, and Fresno counties in California. The company notified patients and staff members concerning ... Read more
October 18, 2024 New York’s New Cybersecurity Rules for General Hospitals On October 2, 2024, New York introduced new laws requiring “general hospitals” across the state to enforce cybersecurity measures. Before this law, state hospitals were ... Read more
October 12, 2024 HHS Advisory About Trinity Ransomware Attacks on the Healthcare Sector The Health Sector Cybersecurity Coordination Center (HC3) has provided data about the Trinity Ransomware group, a comparatively new threat actor that appeared in May 2024 ... Read more
October 5, 2024 Vice Presidential Candidates’ Medical Information Impermissibly Accessed by VA Employees A criminal investigation was due after discovering that the Department of Veterans Affairs (VA) employees accessed the medical files of vice presidential candidates Minnesota Governor ... Read more
September 6, 2024 House of Representatives Reviews the Healthcare Cybersecurity Act The introduction of the bipartisan Senate bill known as the Healthcare Cybersecurity Act was a response to the Change Healthcare ransomware attack and presently has ... Read more
August 29, 2024 Answers Required from DOL Regarding State Agencies’ Surprise Inspections Two House Democrats wrote to Department of Labor (DOL) Acting Labor Secretary Julie Su requiring replies regarding allegations that California and South Carolina Occupational Safety ... Read more
August 14, 2024 $115K Civil Monetary Penalty Paid by American Medical Response for HIPAA Violation American Medical Response (AMR), a private ambulance provider, paid $115,200 to the HHS’ Office for Civil Rights (OCR) as a civil monetary penalty to take ... Read more
August 1, 2024 Changes to HHS Mangament of Technology, Cybersecurity, Information, AI, and HealthIT The Department of Health and Human Services (HHS) has reported a restructuring that will enable the department to improve its operations and more efficiently prioritize ... Read more
July 19, 2024 PHI Exposed in HealthEquity Cyberattack Financial technology and business services provider HealthEquity based in Draper, UT encountered a cyberattack that exposed SharePoint data, including protected health information (PHI). HealthEquity offers ... Read more
July 18, 2024 Cyber Fire Drills: A New Tool to Fight Healthcare Cyberattacks Healthcare is under constant cyberattack by malicious actors. Nearly 6,000 healthcare data breaches that have been reported to the HHS Office for Civil Rights (OCR) between ... Read more
July 6, 2024 Guidance Sought on Notification Requirements Related to the Change Healthcare Data Breach CHIME and some healthcare provider organizations wrote to Melanie Fontes Rainer, the Office for Civil Rights (OCR) Director, for clarity and information for physicians and ... Read more
July 2, 2024 PHI of 175,195 Patients Exposed in South Texas Oncology and Hematology Cyberattack Cancer treatment center South Texas Oncology and Hematology (STOH) based in San Antonio, TX has informed 176,303 patients about a cyberattack discovered on February 15, ... Read more
June 26, 2024 ComplianceJunction HIPAA Training Course Receives AHIMA Approval The Health Insurance Portability and Accountability Act (HIPAA) applies to healthcare providers health plans, healthcare clearinghouses, and their business associates. HIPAA has important privacy and ... Read more
June 15, 2024 UHG Required to Send Breach Notifications Involving Change Healthcare Not Later Than June 21, 2024 On June 7, 2024, Senators Marsha Blackburn (R-TN) and Maggie Hassan (D-NH) sent a letter to UnitedHealth Group CEO Andrew Witty telling him to issue ... Read more
June 12, 2024 HIPAA Compliance on Resume Incorporating HIPAA compliance on a resume can significantly enhance a candidate’s appeal, especially for positions in healthcare, IT, administration, and roles that handle sensitive patient ... Read more
June 11, 2024 FBI Recovers 7,000 Decryption Keys Through Operation Cronos The Federal Bureau of Investigation (FBI) advises LockBit ransomware attack victims to contact the Internet Crime Complaint Center (IC3). The FBI has secured over 7,000 ... Read more
June 4, 2024 Email Accounts Compromised at Children’s Health Care Children’s Health Care in Minneapolis, MN, doing business as Children’s Minnesota, found out that patients’ protected health information (PHI) was compromised in an email security ... Read more
May 26, 2024 Patient Information Exposed Due to Superior Air-Ground Ambulance Service Data Breach and a Stolen TimeDoc Laptop PHI of 858K Individuals Exposed in Superior Air-Ground Ambulance Service Data Breach Superior Air-Ground Ambulance Service provides ambulance and Emergency Medical Services (EMS) in Michigan, ... Read more
May 12, 2024 Potential Cyberattacks on Ascension, Palomar Health Medical Group and Georgia Institute for Plastic Surgery Ascension Cyberattack Investigation Ascension, the biggest nonprofit and Catholic health system in America, stated it is looking into a suspected cyberattack that has interrupted clinical ... Read more
May 5, 2024 Health Data Analytics Company Submits 1.1-Million Record Data Breach Report Berry, Dunn, McNeil & Parker, LLC (BerryDunn), an accounting and consulting company based in Portland, ME filed a data breach report with the Maine Attorney ... Read more
April 28, 2024 PHI Exposed in Moffitt Cancer Center and Los Angeles County Department of Health Services Cyberattacks Moffitt Cancer Center Impacted by the Advarra Data Breach Moffitt Cancer Center reported a data security breach that occurred at Advarra. Advarra is Moffitt Cancer ... Read more
April 15, 2024 Value of Strong Cybersecurity Programs and Guidance on Informed Consent Requirements Companies with Strong Cybersecurity Programs Get Higher Returns for Shareholders Investing in cybersecurity measures aids in preventing data breaches, and evading regulatory penalties. According to ... Read more
April 12, 2024 HIPAA Security Audit A HIPAA security audit can help covered entities and business associates identify threats to the confidentiality of Protected Health Information and remedy gaps in security ... Read more
April 10, 2024 Cyberattacks and Data Breaches Reported by Ernest Health Hospitals, Wyndemere Senior Care, Baylor College of Medicine and Harvard Pilgrim Health Care Patient Data Theft from Several Ernest Health Hospitals Ernest Health manages rehabilitation and long-term acute care hospitals located in Arizona, Colorado, California, Indiana, Idaho, Montana, ... Read more
April 3, 2024 Is it Possible to Have HIPAA Compliant Gmail? It is possible to have HIPAA compliant Gmail if you subscribe to a Google Workspace account that supports HIPAA compliance, if the products included in ... Read more
March 28, 2024 OCR Opens HIPAA Compliance Investigation of Change Healthcare The HHS’ Office for Civil Rights started the investigation of Change Healthcare three weeks after its cyberattack on February 21, 2024. Usually, OCR’s cyberattack and ... Read more
March 26, 2024 Survey Finds Change Healthcare Cyberattack Impacting Hospital Finances and Patient Care Access The recent cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group, has sent affected the U.S. healthcare system greatly, marking it as one of the ... Read more