Recent News

FDA and DHS to Increase Collaboration and Better Coordinate Efforts to Improve Medical Device Cybersecurity

The U.S. Food and Drug Administration (FDA) and the Department of Homeland Security (DHS) have announced a memorandum of agreement to implement a new framework to increase collaboration and improve coordination of their efforts to increase medical device security. The security of medical devices...

Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering

Earlier this year, spam and web filtering solution provider TitanHQ partnered with Datto Networking, the leading provider of MSP-delivered IT solutions to SMBs. The new partnership has allowed Datto to enhance security on the Datto Networking Appliance with enterprise-grade web filtering technology...

The HIPAA Risk Analysis: Guidance and Tools for HIPAA Covered Entities and Business Associates

The HIPAA Risk analysis is a foundational element of HIPAA compliance, yet it is something that many healthcare organizations and business associates get wrong. That places them at risk of experiencing a costly data breach and a receiving a substantial financial penalty for noncompliance. The...

FDA Issues Warning About Flaws in Medtronic Implantable Cardiac Device Programmers

The U.S. Food and Drug Administration (FDA) has issued a warning about vulnerabilities in certain Medtronic implantable cardiac device programmers which could potentially be exploited by hackers to change the functionality of the programmer during implantation or follow up visits. Approximately...

$16 Million Anthem HIPAA Breach Settlement Takes OCR HIPAA Penalties Past $100 Million Mark

OCR has announced that an Anthem HIPAA breach settlement has been reached to resolve potential HIPAA violations discovered during the investigation of its colossal 2015 data breach that saw the records of 78.8 million of its members stolen by cybercriminals. Anthem has agreed to pay OCR $16...

  • Healthcare Data Privacy
  • Healthcare Data Security
  • Healthcare Information Technology
  • HIPAA Breach News
  • HIPAA Compliance News
  • HIPAA News
  • HIPAA News for Small and Mid-Sized Practices
  • HIPAA Updates

Aetna Settles HIPAA Violation Case with State AGs

In 2017, errors occurred with two Aetna mailings that resulted in the impermissible disclosure of the protected health information of plan members, including HIV statuses and AFib diagnoses. A class action lawsuit was filed on behalf of the victims of the HIV status breach which was settled for $17...

Minnesota DHS Notifies 21,000 Patients That Their PHI Has Potentially Been Compromised

The Minnesota Department of Human Services has mailed letters to approximately 21,000 individuals on medical assistance to alert them to a possible breach of their protected health information (PHI) due to two recent phishing attacks. Two DHS employees’ email accounts have been confirmed as...

HSS Secretary Issues Limited Waiver of HIPAA Penalties Following Declaration of Public Health Emergency in Florida and Georgia

Following the presidential declaration of public health emergencies in the states of Florida and Georgia in the wake of hurricane Michael, secretary of the Department of Health and Human Services (HHS) Alex Azar has followed suit in both states and has exercised his authority to waive HIPAA...

FDA and DHS to Increase Collaboration and Better Coordinate Efforts to Improve Medical Device Cybersecurity

The U.S. Food and Drug Administration (FDA) and the Department of Homeland Security (DHS) have announced a memorandum of agreement to implement a new framework to increase collaboration and improve coordination of their efforts to increase medical device security. The security of medical devices...

The HIPAA Risk Analysis: Guidance and Tools for HIPAA Covered Entities and Business Associates

The HIPAA Risk analysis is a foundational element of HIPAA compliance, yet it is something that many healthcare organizations and business associates get wrong. That places them at risk of experiencing a costly data breach and a receiving a substantial financial penalty for noncompliance. The...

FDA Issues Warning About Flaws in Medtronic Implantable Cardiac Device Programmers

The U.S. Food and Drug Administration (FDA) has issued a warning about vulnerabilities in certain Medtronic implantable cardiac device programmers which could potentially be exploited by hackers to change the functionality of the programmer during implantation or follow up visits. Approximately...

FDA and DHS to Increase Collaboration and Better Coordinate Efforts to Improve Medical Device Cybersecurity

The U.S. Food and Drug Administration (FDA) and the Department of Homeland Security (DHS) have announced a memorandum of agreement to implement a new framework to increase collaboration and improve coordination of their efforts to increase medical device security. The security of medical devices...

Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering

Earlier this year, spam and web filtering solution provider TitanHQ partnered with Datto Networking, the leading provider of MSP-delivered IT solutions to SMBs. The new partnership has allowed Datto to enhance security on the Datto Networking Appliance with enterprise-grade web filtering technology...

FDA Issues Warning About Flaws in Medtronic Implantable Cardiac Device Programmers

The U.S. Food and Drug Administration (FDA) has issued a warning about vulnerabilities in certain Medtronic implantable cardiac device programmers which could potentially be exploited by hackers to change the functionality of the programmer during implantation or follow up visits. Approximately...

$16 Million Anthem HIPAA Breach Settlement Takes OCR HIPAA Penalties Past $100 Million Mark

OCR has announced that an Anthem HIPAA breach settlement has been reached to resolve potential HIPAA violations discovered during the investigation of its colossal 2015 data breach that saw the records of 78.8 million of its members stolen by cybercriminals. Anthem has agreed to pay OCR $16...

Email Accounts Compromised at Biomarin Pharmaceutical and Envision Healthcare Corporation

Novato, CA-based Biomarin Pharmaceutical has discovered two employee email accounts have been compromised as a result of a phishing attack in which a temporary employee’s login credentials were obtained by the attacker. The attack was discovered on June 21, 2018 and immediate action was taken to...

Minnesota DHS Notifies 21,000 Patients That Their PHI Has Potentially Been Compromised

The Minnesota Department of Human Services has mailed letters to approximately 21,000 individuals on medical assistance to alert them to a possible breach of their protected health information (PHI) due to two recent phishing attacks. Two DHS employees’ email accounts have been confirmed as...

The HIPAA Risk Analysis: Guidance and Tools for HIPAA Covered Entities and Business Associates

The HIPAA Risk analysis is a foundational element of HIPAA compliance, yet it is something that many healthcare organizations and business associates get wrong. That places them at risk of experiencing a costly data breach and a receiving a substantial financial penalty for noncompliance. The...

$16 Million Anthem HIPAA Breach Settlement Takes OCR HIPAA Penalties Past $100 Million Mark

OCR has announced that an Anthem HIPAA breach settlement has been reached to resolve potential HIPAA violations discovered during the investigation of its colossal 2015 data breach that saw the records of 78.8 million of its members stolen by cybercriminals. Anthem has agreed to pay OCR $16...

Aetna Settles HIPAA Violation Case with State AGs

In 2017, errors occurred with two Aetna mailings that resulted in the impermissible disclosure of the protected health information of plan members, including HIV statuses and AFib diagnoses. A class action lawsuit was filed on behalf of the victims of the HIV status breach which was settled for $17...

$16 Million Anthem HIPAA Breach Settlement Takes OCR HIPAA Penalties Past $100 Million Mark

OCR has announced that an Anthem HIPAA breach settlement has been reached to resolve potential HIPAA violations discovered during the investigation of its colossal 2015 data breach that saw the records of 78.8 million of its members stolen by cybercriminals. Anthem has agreed to pay OCR $16...

Aetna Settles HIPAA Violation Case with State AGs

In 2017, errors occurred with two Aetna mailings that resulted in the impermissible disclosure of the protected health information of plan members, including HIV statuses and AFib diagnoses. A class action lawsuit was filed on behalf of the victims of the HIV status breach which was settled for $17...

UMass Memorial Health Care Pays $230,000 to Resolve Alleged HIPAA Violations

Mass Memorial Health Care has been fined $230,000 by the Massachusetts attorney general for HIPAA failures related to two data breaches that exposed the protected health information (PHI) of more than 15,000 state residents. A lawsuit was filed against UMass Memorial Health Care in which attorney...

OCR Encourages Healthcare Organizations to Conduct a Gap Analysis

In its April 2018 cybersecurity newsletter, OCR draws attention to the benefits of performing a gap analysis in addition to a risk analysis. The latter is required to identify risks and vulnerabilities that could potentially be exploited to gain access to ePHI, while a gap analysis helps healthcare...

How to Defend Against Insider Threats in Healthcare

One of the biggest data security challenges is how to defend against insider threats in healthcare. Insiders are responsible for more healthcare data breaches than hackers, making the industry unique. Verizon’s Protected Health Information Data Breach Report highlights the extent of the problem....

Former Berkeley Medical Center Worker Gets 5 Years’ Probation for Identity Theft

In federal court on Monday, Chief U.S. District Judge Gina M. Groh sentenced a former Berkeley Medical Center worker to 5 years’ probation for her role in an identity theft scam. In addition to probation, Angela Dawn Roberts, 42, of Stephenson, VA, must pay $22,000 in restitution. Angela Dawn...

HHS Secretary Alex Azar Promises Reforms to Federal Health Privacy Rules

At a July 27 address at The Heritage Foundation, Secretary of the Department of Health and Human Services (HHS), Alex Azar, explained that the HHS will be undertaking several updates to health privacy regulations over the coming months, including updates to the Health Insurance Portability and...

Legislation Changes and New HIPAA Regulations in 2018

The policy of two out for every new regulation introduced means there are likely to be few, if any, new HIPAA regulations in 2018. However, that does not mean it will be all quiet on the HIPAA front. HHS’ Office for Civil Rights (OCR) director Roger Severino has indicated there are some HIPAA...

OCR Launches New Tools to Help Address the Opioid Crisis

OCR has launched new tools and initiatives as part of its efforts to help address the opioid crisis in the U.S., and fulfil its obligations under the 21st Century Cures Act. Two new webpages have been released – one for consumers and one for healthcare professionals – that make information...