After President Trump issued Executive Order 14187, which refers to Protecting Children from Chemical and Surgical Mutilation, the...
2022 Guidance on Gender Affirming Care Revoked
read more
Compliance News
Dismissal of Chelan-Douglas Health District Data Breach Lawsuit Overturned
The Washington Court of Appeals revived a Chelan-Douglas Health District data breach case that the Chelan County Superior Court dismissed....
NextGen Faces Class Action Data Breach Lawsuit
NextGen Healthcare, a provider of electronic health record (EHR) and practice management services, is facing a class action lawsuit...
Email Data Breach at Michigan Medicine
University of Michigan Medicine (Michigan Medicine) sent notification letters to 56,953 persons concerning the compromise of some of their...
Lurie Children’s Hospital Faces Lawsuit Following the January 2024 Ransomware Attack
Ann & Robert H. Lurie Children’s Hospital based in Chicago is facing a class action lawsuit because of a ransomware attack and data...
Judge Rejects Class Certification in Blackbaud Lawsuit
A federal judge has rejected class certification in a combined class action lawsuit filed against Blackbaud in connection with a...
FBI Statistics Show Ransomware Attack Spike and Losses to Cybercrime Reach $12.5 Billion
The 2023 FBI Internet Crime Report revealed that the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) got high...
Data breaches Reported by Littleton Regional Healthcare, The Texas Health and Human Services Commission and UT Southwestern Medical Center
Patient Data Exposed Because of a Phishing Attack on UC San Diego Health UC San Diego Health recently sent a report to the California...
Ransomware Group Did Not Pay Affiliate’s Cut of the $22 Million Ransom
The ALPHV/Blackcat ransomware group's ransomware-as-a-service (RaaS) operation appears to have ceased, suggesting there could be an...
Cyberattacks on Bay Area Heart Center Change Healthcare, and Greater Cincinnati Behavioral Health Services
Change Healthcare Responding to Cyberattack Healthcare billing and data systems provider, Change Healthcare based in Nashville, TN has...
What does PHI stand for in HIPAA?
In HIPAA, PHI stands for Protected Health Information, which refers to any information in a medical record that can be used to identify an...
When does state privacy law supersede HIPAA?
State privacy laws can supersede HIPAA when they provide greater protection for individuals' privacy rights than what is mandated by...
Does HIPAA apply after death?
Yes, under the HIPAA Privacy Rule, the protections afforded to an individual's Protected Health Information (PHI) continue to apply and...
What happens when HIPAA is violated?
When HIPAA is violated, covered entities or individuals can face a range of consequences including investigations by the Office for Civil...
Keystone Health sued due to significant data breach, affecting 200,000+
A class action lawsuit has been filed against Pennsylvania-based Keystone Health due to a data breach that occurred in 2022 and affected...
Who has to comply with HIPAA?
Covered entities, which include healthcare providers, health plans, and healthcare clearinghouses, as well as business associates in the...
ONC releases new advice on blocking limitation compliance in advance of EHI expansion
New advice has been published regarding blocking regulations within 21st Century Cures Act. The advice was published on the ONC website by...
BD Releases Security Alerts Concerning Pyxis and Synapsys Vulnerabilities
BD has released security notifications regarding two vulnerabilities that have an effect on particular BD Pyxis electronic medication...
OCR Issues Guidelines on Audio-Only Telehealth
The Department of Health and Human Services' Office for Civil Rights has issued new guidance to healthcare providers for the use of...
HHS ONC and OCR Release Updated HIPAA Security Risk Assessment Tool
A new version of the Security Risk Assessment tool has been released by the Department of Health and Human Services’ the Office for Civil...
Report Finds A Third Of Top US Hospitals Share Patient Data To Facebook
An investigation has revealed that Facebook is receiving personal patient information from roughly a third of the top U.S. hosipital's...
Connecticut Passes Comprehensive Data Privacy Legislation
Connecticut has joined Colorado, Utah California, and Virginia in approving an all-inclusive new data privacy rule that sets...
Cyberattack Reported by Salusive Health and New Creation Counseling Center
Salusive Health, the programmer of the myNurse platform, which aids physician practices to facilitate disease management, has suffered a...
Ransomware Groups Claim to Have Targeted Health Plans and Healthcare Companies
Partnership Health Plan of California Coming Back from Suspected Ransomware Attack The non-profit managed care health plan located in...
Big Numbers of DDoS Attacks on the Healthcare Field Reported in 2021
A recent Comcast Business report reveals that 2021 got 9.84 million Distributed Denial of Service (DDoS) attacks reported, which rose by...
VA Electronic Health Record Transparency Act of 2021 Signed into Law
President Joe Biden, current President of the United States, has signed The VA Electronic Health Record Transparency Act of 2021. The act...
ONC and OCR Introduce Revised Security Risk Assessment Tool
The Office for Civil Rights (OCR) and the Department of Health and Human Services (HHS)’ Office of the National Coordinator for Health...
Data Theft Incidents Announced by Choice Health and Goodman Campbell Brain and Spine
The health insurance provider, Choice Health located in South Carolina, currently a part of Alight Solutions, has just reported that the...
Data Breaches Announced by Alameda Health System, Capsule Pharmacy and AON
Alameda Health System located in California, Capsule pharmacy based in New York, and Aon PLC located in Illinois recently reported data...
HHS Gives Data on Advanced Persistent Threat Groups Associated with the Russian Intelligence Services
The U.S. Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released a threat summary...
Data Breaches Reported by Refuah Health Center , Quantum Imaging Therapeutic Associates and RiverKids Pediatric Home Health
Refuah Health Center located in New York has just commenced informing 260,740 patients regarding a security breach that happened more or...
Microsoft Sinkholes Known ZLoader Botnet
Microsoft’s Digital Crimes Unit (DCU) deactivated the infamous ZLoader cybercrime botnet that was utilized to send Ryuk ransomware in...
PHI Compromised Because of Data Breaches at SuperCare Health and Englewood Health
Cyberattack on SuperCare Health Impacts 318,000 Patients SuperCare Health located in Downey, CA, a provider of post-acute, in-home...
Email Incidents Announced by CareOregon Advantage, Ultimate Care, and University Medical Center Southern Nevada
Three email incidents were lately announced by CareOregon Advantage, University Medical Center Southern Nevada, and Ultimate Care. A total...
JDC Healthcare Management and Wheeling Health Right Inc Report Data Breach
JDC Healthcare Management located in Dallas, TX, which operates over 70 Jefferson Dental & Orthodontics practices all over the state...
Potential PHI Breaches at Capital Region Medical Center and Labette Health
Capital Region Medical Center (CRMC) based in Jefferson City, MO has lately confirmed that unauthorized individuals accessed patient...
Security Issues Found in 75% of Infusion Pumps
This week, researchers at Palo Alto’s Unit 42 team shared a report that reveals security issues and vulnerabilities typically occur in...
People Just Notified Regarding the September 2020 and February 2021 Cyberattacks
Two HIPAA-regulated entities have not long ago commenced sending notifications to persons whose protected health information (PHI) was...
HIMSS Cybersecurity Survey Indicates the Human Factor is the Major Vulnerability in Medical Care
HIMSS has shared the results of its 2021 Healthcare Cybersecurity Survey which revealed that 67% of respondents have encountered a minimum...
AccelHealth and Pace Center for Girls Reported Hacking Incidents
Cross Timbers Health Clinics based in Brownwood, Texas, operating under the brand AccelHealth, experienced a ransomware attack on December...
Cyberattacks and Data Theft Announced by Medical Healthcare Solutions and Advocates Inc.
Advocates Inc. in Massachusetts., a non-profit provider of support services for people encountering life challenges including autism,...
Online Pharmacy Alerts 105,000 Patients Concerning Cyberattack and Probable Theft of PHI
The digital pharmacy and health application creator Ravkoo in Auburndale, FL has begun informing selected patients concerning an...
PHI of Anthem Members and Advocate Aurora Health Patients Possibly Exposed
Anthem Inc. has notified 2,003 people that an unauthorized person possibly seen or acquired their protected health information (PHI) after...
Broward Health Alerts More Than 1.3 Million People Regarding the October 2021 Data Breach
At the beginning of the year, a big breach was announced by Broward Health located in Florida, which has just started informing over 1.3...
Attorneys General are Also Allowed to Issue HIPAA Violation Fines
Since the HITECH Act (Section 13410(e) (1)) was introduced in February 2009, state attorneys general are authorized to make HIPAA-covered...
Data Breaches Reported by Texas ENT Specialists and Virginia Department of Behavioral Health and Developmental Services
Texas Ear, Nose & Throat Specialists P.A. (Texas ENT Specialists) has reported it experienced a cyberattack that was discovered on...
Class Action Lawsuit Filed Against Planned Parenthood Los Angeles Due to October 2021 Ransomware Attack
Planned Parenthood Los Angeles (PPLA) is confronting a class action lawsuit with regards to a ransomware attack that was uncovered on...
Patient Takes Legal Action Against Eskenazi Health Concerning Data Misuse
The protected health information (PHI) of an Eskenazi Health patient was compromised in a ransomware attack on August 2021. The patient is...
One Community Health Patients Informed Regarding a Cyberattack and Data Theft in April 2021
One Community Health based in Sacramento, CA has recently informed patients about the compromise of its systems between April 19 and April...
Vulnerabilities Found in Philips IntelliBridge, Patient Information Center and Efficia Patient Monitors
Five vulnerabilities were discovered that can impact these medical devices: the IntelliBridge EC 80 and EC 40 Hub, Efficia CM Series, and...
Patients are Unaware of the Magnitude of Healthcare Cyberattacks and Data Theft
Armis, the unified asset visibility and security platform provider, conducted a recent survey to take a look at the condition of...
Chinese APT Group Attacked Healthcare Companies by Exploiting Zoho Password Management Platform Vulnerability
An advanced persistent threat (APT) actor continues to conduct an espionage campaign that resulted in the compromise of the systems of no...
Forsythe To Offer Catbird’s Vsecurity® Software To Its Customers
Catbird is the pioneer in security and compliance for virtual, cloud and physical networks. The company has now entered into a partnership...
Over 650K Patients of Community Medical Centers Alerted Regarding Hacking Incident
Unauthorized individuals possibly accessed the protected health information (PHI) of over 650,000 patients of Community Medical Centers...
Study Explains Healthcare Staff Have Unnecessary Access to Significant Amounts of PHI
A new study has pointed out extensive security breakdowns at healthcare institutions, which include inadequate access controls, few...
Advisory Announced on Continuing BlackMatter Ransomware Attacks
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency...
Ransom Disclosure Act Necessitates Reporting of Payments to Ransomware Groups In 48 Hours
New legislation was launched that necessitates ransomware attack victims to make known any payments given to the threat actors to the...
Cyberattacks Encountered by Schneck Medical Center and Epilepsy Foundation of Texas
Schneck Medical Center located in Seymour, IN has reported that it suffered a cyberattack that had affected its company operations. The...
Data Breaches Reported by Vista Radiology and Mankato Clinic
PHI of Up to 3,634 Persons Compromised at Vista Radiology Ransomware Attack Vista Radiology based in Knoxville, TN has advised 3,634...
Ransomware Groups Attack Barlow Respiratory Hospital And Missouri Delta Medical Center
Barlow Respiratory Hospital based in Los Angeles, CA has reported that it has encountered a ransomware attack last August 27, 2021. The...
Higher Risk of BlackMatter Ransomware Attack on the Health and Public Health Sector
The Health Sector Cybersecurity Coordination Center (HC3) of the Department of Health and Human Services reported that there is an...
Cyber Actors Target Outpatient Facilities More Regularly Than Hospitals
A new evaluation of breach reports filed with the Department of Health and Human Services’ Office for Civil Rights has pointed out that...
California DOJ Has to be Advised Concerning Breaches of the Health Data of 500 or More California Residents
The Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA) calls for covered entities and business...
Heimdal Security Researchers Discover New ‘DeepBlueMagic’ Ransomware
Researchers at Heimdal Security detected a new ransomware strain that a threat group known as DeepBlueMagic is using. The ransomware...
Data Breaches at NCH Corporation, TGH Urgent Care and Southwest Nebraska Public Health Department
NCH Corporation in Irving, TX, an international maintenance products marketer, sent a report involving a supposed ransomware attack. The...
Accidental PHI Exposure at LA Fire Department and Standard Modern Company
The Los Angeles Fire Department has learned that the COVID-19 vaccination information of 4,900 personnel was by mistake exposed on the...
HSCC Releases Guidance Paper to Secure the Telehealth and Telemedicine Ecosystem
Healthcare organizations are increasingly utilizing health information technology to give patients virtual health care services. With...
PHI Compromised Due to UNC Health and Nebraska DHHS Phishing Attacks
The Nebraska Department of Health and Human Services has reported a security incident concerning the protected health information (PHI) of...
REvil Ransomware Websites Ceased to Exist Fueling Questions of Law Enforcement Takedown
The infamous REvil ransomware gang’s Internet and dark sites have unexpectedly vanished, days right after President Biden called Vladimir...
Kaseya Security Update Corrects Vulnerabilities Exploited in KSA Ransomware Attack
Kaseya has made an announcement of a security update issued for the Kaseya KSA remote management and monitoring software tool to correct...
PHI Exposed in Email Security Incidents at Discovery Practice Management and Peoples Community Health Clinic
Discovery Practice Management Alerts Folks Regarding June 2020 Email Incident Administrative support services provider Discovery Practice...
No Private Cause of Action Under HIPAA, although Probable Cause of Action for 14th Amendment Violation
The U.S. Court of Appeals for the Fourth Circuit has made a decision that there is no private cause of action in the Health Insurance...