Dedicated to providing the latest
HIPAA compliance news

Recent News

Institute for Women’s Health Hacked: PHI Compromised

Ransomware attacks on healthcare organizations have increased, although that is far from the only malware threat. Keylogging malware can be used to obtain sensitive information such as login credentials, or in the case of the San Antonio Institute for Women’s Health (IFWH), credit and debit card...

Healthcare Hacking Incidents Overtook Insider Breaches in July

Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in July for which the cause of the breach is known were attributed to hacking, which includes...

Lake Health Informs OB Patients of TriPoint Medical Center Breach

A log book containing the protected health information of approximately 750 obstetrics patients of TriPoint Medical Center in Concord Township, Ohio has been discovered to be missing. All obstetrics departments are required by the Ohio Department of Health to maintain a log book detailing...

Ransomware Attack Suffered by Cove Family and Sports Medicine

A ransomware attack on Cove Family and Sports Medicine and Krichev Family Medicine, P.C., in Huntsville, Alabama resulted in the medical records and personal information of 4,300 patients being encrypted. Ransomware was installed on April 14, 2017. Cove Medicine had backed up its data and was able...

Security Incidents Experienced by More Than a Third of Organizations in the IoT Medical Device Sphere

A recent Deloitte survey conducted on 370 professionals with involvement in the IoT medical device ecosystem revealed more than a third (36%) of organizations have experienced a security incident related to those devices in the past year. Respondents were medical device or component manufacturers,...

  • Healthcare Data Privacy
  • Healthcare Data Security
  • Healthcare Information Technology
  • HIPAA Breach News
  • HIPAA Compliance News
  • HIPAA News
  • HIPAA News for Small and Mid-Sized Practices
  • HIPAA Updates

Healthcare Hacking Incidents Overtook Insider Breaches in July

Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in July for which the cause of the breach is known were attributed to hacking, which includes...

Want to Prevent Data Breaches? Time to Go Back to Basics

Intrusion detection systems, next generation firewalls, insider threat management solutions and data encryption will all help healthcare organizations minimize risk, prevent security breaches, and detect attacks promptly when they do occur. However, it is important not to forget the security...

Documents Containing PII Discovered in Used Office Furniture

Prior to disposing or selling office furniture, HIPAA-covered entities should ensure that all drawers and compartments are inspected for any stray documents containing sensitive information. The failure to conduct a thorough check could easily result in a HIPAA breach or privacy violation. Such an...

Healthcare Hacking Incidents Overtook Insider Breaches in July

Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in July for which the cause of the breach is known were attributed to hacking, which includes...

Ransomware Attack Suffered by Cove Family and Sports Medicine

A ransomware attack on Cove Family and Sports Medicine and Krichev Family Medicine, P.C., in Huntsville, Alabama resulted in the medical records and personal information of 4,300 patients being encrypted. Ransomware was installed on April 14, 2017. Cove Medicine had backed up its data and was able...

Security Incidents Experienced by More Than a Third of Organizations in the IoT Medical Device Sphere

A recent Deloitte survey conducted on 370 professionals with involvement in the IoT medical device ecosystem revealed more than a third (36%) of organizations have experienced a security incident related to those devices in the past year. Respondents were medical device or component manufacturers,...

Security Incidents Experienced by More Than a Third of Organizations in the IoT Medical Device Sphere

A recent Deloitte survey conducted on 370 professionals with involvement in the IoT medical device ecosystem revealed more than a third (36%) of organizations have experienced a security incident related to those devices in the past year. Respondents were medical device or component manufacturers,...

HIMSS Research Shows Healthcare Organizations Have Enhanced Their Cybersecurity Programs

HIMSS has published the findings of its 2017 Cybersecurity Survey. The survey was conducted on 126 cybersecurity professionals from the healthcare industry between April and May 2017. Most of the respondents were executive and non-executive managers who were primarily responsible or had some...

HITRUST and Trend Micro Join Forces to Improve Organizational Cyber Threat Management

The Health Information Trust Alliance (HITRUST) has announced a new partnership with Trend Micro. The aim of the partnership is to speed the delivery of cyber threat research and education and improve organizational threat management. The partnership has seen the creation of the Cyber Threat...

Institute for Women’s Health Hacked: PHI Compromised

Ransomware attacks on healthcare organizations have increased, although that is far from the only malware threat. Keylogging malware can be used to obtain sensitive information such as login credentials, or in the case of the San Antonio Institute for Women’s Health (IFWH), credit and debit card...

Healthcare Hacking Incidents Overtook Insider Breaches in July

Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in July for which the cause of the breach is known were attributed to hacking, which includes...

Lake Health Informs OB Patients of TriPoint Medical Center Breach

A log book containing the protected health information of approximately 750 obstetrics patients of TriPoint Medical Center in Concord Township, Ohio has been discovered to be missing. All obstetrics departments are required by the Ohio Department of Health to maintain a log book detailing...

Want to Prevent Data Breaches? Time to Go Back to Basics

Intrusion detection systems, next generation firewalls, insider threat management solutions and data encryption will all help healthcare organizations minimize risk, prevent security breaches, and detect attacks promptly when they do occur. However, it is important not to forget the security...

Delaying Breach Notifications is a Violation of the Breach Notification Rule

The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) requires covered entities to notify the HHS’ Office for Civil Rights of a breach of unsecured protected health information and send notification letters to affected individuals without unreasonable delay and no later than 60 days after...

Protenus Provides Insight into 2017 Healthcare Data Breach Trends

Protenus, in conjunction with Databreaches.net, has produced its Breach Barometer mid-year review. The report covers all healthcare data breaches reported over the past 6 months and provides valuable insights into 2017 data breach trends. The Breach Barometer is a comprehensive review of healthcare...

U.S. Senate Passes Jessie’s Law to Help Prevent Drug Overdoses

West Virginia senators Joe Manchin and Shelley Moore Capito have announced that Jessie’s Law has been passed by the Senate. The legislation is intended to ensure doctors are provided with details of a patient’s previous substance abuse history if consent to share the information is provided by...

How Often Should Healthcare Employees Receive Security Awareness Training?

Security awareness training is a requirement of HIPAA, but how often should healthcare employees receive security awareness training? Recent Phishing and Ransomware Attacks Highlight Need for Better Security Awareness Training Phishing is one of the biggest security threats for healthcare...

47% of Healthcare Organizations Have Experienced A HIPAA Data Breach in the Past 2 Years

The KPMG 2017 Cyber Healthcare & Life Sciences Survey shows there has been a 10 percentage point increase in reported HIPAA data breaches in the past two years. The survey was conducted on 100 C-suite information security executives including CIOs, CSOs, CISOs and CTOs from healthcare providers...

Healthcare Hacking Incidents Overtook Insider Breaches in July

Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in July for which the cause of the breach is known were attributed to hacking, which includes...

August Sees OCR Breach Reports Surpass 2,000 Incidents

Following the introduction of the HITECH Act in 2009, the Department of Health and Human Services’ Office for Civil Rights has been publishing summaries of healthcare data breaches on its Wall of Shame.  August saw an unwanted milestone reached. There have now been more than 2,000 healthcare...

Want to Prevent Data Breaches? Time to Go Back to Basics

Intrusion detection systems, next generation firewalls, insider threat management solutions and data encryption will all help healthcare organizations minimize risk, prevent security breaches, and detect attacks promptly when they do occur. However, it is important not to forget the security...

U.S. Senate Passes Jessie’s Law to Help Prevent Drug Overdoses

West Virginia senators Joe Manchin and Shelley Moore Capito have announced that Jessie’s Law has been passed by the Senate. The legislation is intended to ensure doctors are provided with details of a patient’s previous substance abuse history if consent to share the information is provided by...

OCR Data Breach Portal Update Highlights Breaches Under Investigation

Last month, the Department of Health and Human Services confirmed it was mulling over updating its data breach portal – commonly referred to as the OCR ‘Wall of Shame’. Section 13402(e)(4) of the HITECH Act requires OCR to maintain a public list of breaches of protected health information...

OCR’s Wall of Shame Under Review by HHS

Since 2009, the Department of Health and Human Services’ Office for Civil Rights has been publishing summaries of healthcare data breaches on its website. The data breach list is commonly referred to as OCR’s ‘Wall of Shame’. The data breach list only provides a brief summary of data...