HIPAA Email News

Email accounts have been compromised in security incidents at Tower Clock Eye Center in Wisconsin, DMEScripts in Indiana, and General...

Email is the second most common location for breached healthcare information behind network servers. Over the past few days, five...

GoDaddy is not HIPAA compliant for its web hosting services, however organizations that subscribe to a Business Professional or a...

Four HIPAA-covered entities have recently reported breaches of their email environments: Southern Bone & Joint Specialists in Mississippi, Connally Memorial...

The data breaches at Michigan Medicine keep on coming, with the latest incident involving unauthorized access to an employee’s email...

Email accounts have been compromised at Guam Seventh-Day Adventist Clinic and Mount Carmel Behavioral Health. The attack on Guam Seventh-Day...

Charlotte, NC-based Atrium Health, a healthcare provider with 40 hospitals and more than 1,400 care locations in North Carolina, South...

Goodwin Living and the Los Angeles County Department of Mental Health have recently reported breaches of their email environments and...

Welcome Health and United Way of Connecticut have reported breaches of employee email accounts and potential unauthorized access to patient...

The Facial Pain Center in Minnesota has revealed several employee email accounts were accessed by an unauthorized individual in January...

Major data breaches have been reported by Park Dental and Dental Specialists of Minnesota, which involved the protected health information...

Email accounts containing patients’ protected health information have been compromised at University of Connecticut Health Center Finance Corporation and Maryville...

United of Omaha Life Insurance Company in Nebraska has confirmed that a response to a phishing email has resulted in...

The Georgia-based healthcare provider, Aveanna Healthcare, has recently announced that the email accounts of 11 employees have been accessed by...

University of Michigan Medicine (Michigan Medicine) has recently notified 56,953 individuals about the exposure of some of their protected health...

Memorial Sloan Kettering Cancer Center (MSK) has announced that the protected health information of 12,274 individuals has been exposed in...

There are many ways that the HIPAA Rules can be violated via email, from simple errors involving protected health information...

A HIPAA email disclaimer is a section of text located at the end of an email that informs recipients that...

The Mount Kisco Surgery Center, doing business as the Ambulatory Surgery Center of Westchester in New York, has recently notified...

SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of...

On April 24, 2024, Aultman Hospital in Canton, OH, identified phishing emails being sent from an employee’s email account. The...

Hackers conducted a phishing campaign on Los Angeles County Department of Public Health employees, accessed 53 email accounts, and potentially...

McLean Hospital, Delta Specialty Hospital, and FC Compassus have discovered unauthorized access to their email systems and the exposure of...

HIPAA compliant email for therapists is a complex subject to discuss because some therapists do not qualify as HIPAA covered...

Personal email accounts are not HIPAA compliant because it is necessary to have a Business Associate Agreement in place with...

Hackers gained access to the email accounts of University of Chicago Medical Center employees and the data of more than...

Email security breaches have been reported by Children’s Healthcare in Minnesota and the Los Angeles County Department of Mental Health...

The Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordination Center (HC3) has issued a warning to the...

Proton Mail is HIPAA compliant and can be used by covered entities and business associates to send encrypted emails containing...

Patient and Employee Data Exposed in Phishing Attack on The Kennedy Collective The Kennedy Collective, a Trumball, CT provider of...

MedStar Health is notifying more than 118,000 patients about an email security incident that exposed their protected health information. Email...

Presbyterian Healthcare Services has proposed a settlement to resolve a class action lawsuit that was filed by patients whose protected...

Bay Oral Surgery & Implant Center (Bay Oral), a network of oral & maxillofacial dental surgery centers serving the Green...

Los Angeles County Department of Health Services’ employees were targeted in a recent phishing campaign, and almost 2,800 Catholic Medical...

Email accounts have been compromised at the University of Wisconsin Hospitals and Clinics Authority and the Medical Home Network in...

Randolph Health and Rutgers Robert Wood Johnson Medical School have recently reported email incidents involving the unauthorized access/disclosure of patient...

Email accounts have been compromised at the Georgia home health provider Aveanna Healthcare and UNC Hospitals and School of Medicine...

A HIPAA compliant email service is an email service which includes the necessary capabilities to support compliance with HIPAA and...

Healthcare organizations have been warned about the threat of email bombing attacks, which are a type of denial-of-service (DoS) attack...

SparkPost is not HIPAA compliant because the terms and conditions of the now rebranded service prohibit violations of “any legal,...

Facebook Messenger is not HIPAA compliant and cannot be used to collect or disclose Protected Health Information (PHI) unless a...

Mailchimp is not HIPAA compliant because the email service provider is unable to provide the required satisfactory assurances that it...

Postmark is not HIPAA compliant and cannot be used by HIPAA covered organizations to send emails containing Protected Health Information...

HelloFax is HIPAA compliant provided organizations subscribe to a “Standard” or “Premium” business plan with Dropbox Sign, agree to the...

Twilio SendGrid is not HIPAA compliant and cannot be used to send email communications containing Protected Health Information (PHI) as...

The Google services that were formerly known as Google Hangouts are HIPAA compliant, and can be used to collect, transmit,...

The Foleck Center in Virginia and Mountain Dermatology Specialists in Colorado have discovered unauthorized access to employee email accounts and...

What is a HIPAA Compliant Messaging App? A HIPAA compliant messaging app is an integral part of a secure messaging...

Google Chat is HIPAA compliant when it is used as part of a Google Workspace plan that includes the necessary...

Text messaging in healthcare has many practical uses and is not affected by the restrictions of the Privacy Rule when...

A HIPAA compliant VoIP service is a service that facilitates voice communications via the Internet which has the necessary safeguards...

Text messaging is not HIPAA compliant, and unencrypted SMS messages should not be used for communicating ePHI unless a patient...

HIPAA compliant instant messaging is a secure method of communication that requires minimal set up, configuration, and instruction, as most...

A HIPAA email retention policy can be an important factor in an organization’s compliance efforts if documents that need to...

Google Forms is HIPAA compliant and can be used to create, receive, maintain, or transmit Protected Health Information provided the...

Signal is not a HIPAA compliant messaging solution and cannot be used to collect, store, or transmit electronic PHI because...

The email retention requirements are that, beyond federal or industry-specific requirements, every business should maintain records they may rely on...

A patient workflow in a hospital follows a patient through their entire hospital visit, from the point of admission to...

Hotmail is not HIPAA compliant and cannot be used to collect, store, or transmit Protected Health Information because the free...

HIPAA compliant email archiving is not specifically mentioned in the Security Standards for the Protection of Electronic Protected Health Information...

The City of Philadelphia is investigating a breach of its email environment. Suspicious activity was detected in its email environment...

Microsoft Outlook is HIPAA compliant provided that organizations subscribe to an Office 365 or Microsoft 365 enterprise plan that supports...

A HIPAA compliant phone service is any voice communication technology that supports compliance with the Administrative Simplification Regulations of the...

Applying best practices for creating an email archiving policy enable businesses to create a formal email archiving policy that establishes...

The healthcare industry has seen a sharp increase in advanced email attacks this year, according to new data from Abnormal...

IEC Group, Inc., doing business as AmeriBen, a medical benefits administration services provider, has recently reported an email-related HIPAA data...

WhatsApp is not HIPAA compliant and should not be used for receiving, storing, or sending Protected Health Information unless a...

Researchers at ESET have identified a largescale and ongoing phishing campaign targeting Zimbra Collaboration email servers at small- and medium-sized...

If you work in healthcare and regularly receive spam and malicious emails in your Office 365 inbox there is a...

A HIPAA-compliant phone number is most often a secondary phone number used by healthcare providers for communications in which Protected...

A settlement has been proposed by Maxim HealthCare Services to resolve all claims related to a 2020 cyberattack and HIPAA...

A class action lawsuit has been filed against Conifer and Tenet Healthcare over a breach of the protected health information...

Business Email Compromise scams are the biggest cause of losses to cybercrime. Over the past 5 years, more than $43...

West Oaks Eyecare – Ransomware Attack West Oaks Eyecare in Texas has notified 1,045 Texas residents that a malicious actor...

Email accounts have been compromised at Legacy Hospice and Live Oak Surgery Center, and a University of Miami Health employee’s...

Police Department of the City of New York Reports 21,500-Record Data Breach Unauthorized individuals have gained access to the email...

Cardiac Imaging Associates in Los Angeles, CA, has discovered an unauthorized individual has accessed an employee’s email account. The incident...

Cytometry Specialists, Inc., doing business as CSI Laboratories in Alpharetta, GA, has recently announced that the email account of an...

You can send medical records by email provided the reason for sending medical records is permitted or required by the...

Salinas Valley Memorial Healthcare System in California has agreed to settle a class action lawsuit for $340,000 to resolve claims...

The Oklahoma City home health provider, Healthback Holdings, has started notifying 21,114 individuals that some of their protected health information...

Aliso Viejo-based Covenant Care California, an operator of skilled nursing facilities and a provider of home health services in California...

Lake Mary, FL-based Central Florida Inpatient Medicine (CFIM) has recently discovered that the email account of an employee has been...

Kaiser Permanente, one of the largest nonprofit health plan and healthcare providers in the United States, has reported a breach...

Allaire Healthcare Group and Platinum Hospitalists have recently announced that an unauthorized individual has gained access to an employee email...

BJC HealthCare, a non-profit healthcare organization based in St. Louis, MO, has started notifying certain patients that some of their...

Oswego County Opportunities (OCO) in New York has announced that a limited number of employee email accounts were recently accessed...

Healthplex Inc., one of the largest providers of dental insurance in New York State, has announced that the email account...

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft...

Immediate intervention following an instance of unauthorized access to protected health information (PHI) by a healthcare employee is 95% effective...

Newman Regional Health (NRH), which operates a 25-bed critical access hospital in Emporia, KS, has recently started notifying 52,224 patients...

A recent data breach at the email marketing platform vendor Mailchimp has prompted a warning from the Department of Health...

Three email incidents have recently been reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada that have...

Email account breaches have been reported by Montrose Regional Health, EPIC Pharmacy Network, and Acacia Network, and North Shore University...

A round-up of data breaches that have recently been reported by healthcare organizations that have involved the exposure or theft...

Hackers have gained access to email accounts containing protected health information (PHI) at Injured Workers Pharmacy, iRise Florida Spine and...

Email-related breaches of protected health information (PHI) have recently been reported by the University of Arkansas for Medical Sciences and...

Nampa, Idaho-based Saltzer Health has started notifying certain patients that some of their protected health information (PHI) has been exposed...

The Bradenton, FL-based gastroenterology healthcare provider Florida Digestive Health Specialists (FDHS) has recently started notifying more than 212,000 patients that...

Three healthcare providers have recently reported security breaches involving the email accounts of employees, resulting in the exposure and potential...

Columbia, MD-based Maxim Healthcare Group has started notifying 65,267 individuals about a historic breach of its email environment and the...

Eastern Los Angeles Regional Center has discovered the email account of an employee has been accessed by an unauthorized individual....

Wilmington, DE-based Simon Eye Management has suffered a breach of its email environment and hackers potentially gained access to the...

CareATC, a Tulsa, OK-based population health management company, has discovered the email accounts of two employees have been accessed by...

South Florida Community Care Plan has discovered a former employee sent internal documents containing the protected health information of plan...

The New Jersey specialist diagnostic testing laboratory A2Z Diagnostics has started notifying patients that some of their protected health information...

Prestera Mental Health Center in West Virginia has started notifying 2,152 individuals about a security breach involving employee email accounts....

The medical payment billing service provider MultiPlan has announced a breach of its email environment. On January 27, 2021, suspicious...

A class action lawsuit filed by two former patients against BJC HealthCare over a March 2020 email data breach has...

Discovery Practice Management Notifies Individuals About June 2020 Email Incident Discovery Practice Management, a provider of administrative support services to...

UofL Health has started notifying 42,465 patients that some of their protected health information (PHI) was sent to an incorrect...

South Texas Health System has notified 6,761 individuals about an accidental disclosure of some of their protected health information. South...

Health Plan of San Joaquin (HPSJ), a non-profit Medi-Cal managed care provider based in French Camp, CA, has discovered an...

The Michigan-based group health plan broker and consultancy firm Manquen Vance – formerly Cornerstone Municipal Advisory Group – is alerting...

Three zero-day vulnerabilities have been identified in SonicWall Email Security products that are being actively exploited in the wild by...

Total Health Care Inc., a Detroit, MI-based health plan, has discovered unauthorized individuals have gained access to several employee email...

The Centers for Advanced Orthopaedics has discovered multiple employee email accounts have been accessed by unauthorized individuals. The practice, which...

Covenant Healthcare in Saginaw, MI has discovered an unauthorized individual gained access to two employee email accounts that contained the...

Grand River Medical Group in Dubuque, OH has discovered an unauthorized individual gained access to the email account of an...

An email error by an employee of Campbell County Health (CCH) has resulted in the impermissible disclosure of the protected health...

University of Pittsburgh Medical Center (UPMC) has announced the protected health information of more than 36,000 patients has potentially been...

The protected health information of certain patients of LSU Health University Medical Center-New Orleans has potentially been compromised in an...

Prestera Center for Mental Health Services, the largest behavioral health services provider in West Virginia, has discovered an unauthorized individual...

Meharry Medical College in Nashville, TN, has discovered an email account breach may have resulted in unauthorized individuals viewing or...

University of Minnesota Physicians has suffered a phishing attack that gave the attackers access to the email accounts of two...

Lafayette, LA-based Provider Health Services, Paragould-based Arkansas Methodist Medical Center, and Miami, FL-based lntelliRad Imaging have announced they have been...

Centerstone, a provider of mental health and substance use disorder treatment services in Indiana, Illinois, Tennessee, and Florida, has discovered...

Alameda Health System (AHS), an Alameda, CA-based provider of emergency, inpatient, outpatient, and wellness services in the East Bay area, has...

Rocky Hill, CT-based Starling Physicians has started notifying 7,777 patients that some of their protected health information was stored in...

Utah Pathology Services has announced an unauthorized individual has gained access to the email account of an employee and attempted...

More than 1,000 companies worldwide have been targeted in a business email compromise (BEC) campaign that has been running since...

Beaumont Health, the largest healthcare provider in Michigan, has started notifying approximately 6,000 patients that some of their protected health...

The Central California Alliance for Health has discovered an unauthorized individual gained access to the email accounts of several employees...

American Medical Technologies, a Irvine, CA-based provider of wound care solutions and medical supplies, has discovered an unauthorized individual gained...

The Florida-based population health management company and healthcare provider Cano Health has discovered the email accounts of three employees have...

The Everett & Hurite Ophthalmic Association (EHOA), a team of ophthalmology specialists serving Pittsburgh, PA & Warrendale, PA, has discovered...

Saint Francis Healthcare Partners in Connecticut is notifying 38,529 patients that some of their protected health information has potentially been...

The Otis R. Bowen Center for Human Services, an Indiana-based provider of mental health and addiction recovery healthcare services, has...

Relational Insurance Inc., an insurance brokerage firm doing business as Relation Insurance Services of Georgia (RISG), experienced an email security...

Hospital Sisters Health System has recently discovered an email security breach in August 2019 potentially resulted in unauthorized individuals gaining...

A further 5 healthcare data breaches of 500 or more records have recently been reported by HIPAA-covered entities and their...

The email accounts of several employees of Conway Medical Center in South Carolina have been accessed by unauthorized individuals. The...

InterMed, one of the largest healthcare providers in Southern Maine, has discovered the personal and health information of up to...

The Guidance Center (TGC), a nonprofit provider of mental health care services to disadvantaged children and their families in Long...

University of Cincinnati Health (UC Health) is investigating a security breach that saw the email accounts of multiple employees accessed...

The importance of security awareness training for healthcare employees has been highlighted by a recent phishing attack on Bonita Springs,...

Community Psychiatric Clinic in Seattle, WA, a provider of accredited outpatient, mental health treatment, and counselling services, has experienced two...

Vermont-based Adirondack Health is notifying approximately 25,000 patients that some of their protected health information has potentially been obtained by...

Three more healthcare organizations have discovered unauthorized individuals have gained access to the email accounts of employees and potentially accessed...

The Centerville, Ohio dental insurance carrier, Superior Dental Care, has discovered an unauthorized individual has gained access to an employee’s...

Three email system breaches have been reported in the past few days that have resulted in unauthorized individuals gaining access...

The Aliso Viejo, CA-based provider of residential care and skilled nursing facilities, Covenant Care, has discovered an unauthorized individual gained...

Rutland Regional Medical Center in Rutland City, the largest community hospital in the state of Vermont, has discovered hackers have...

EyeSouth Partners has announced that a hacker has gained access to an employee’s email account and has potentially viewed/obtained the...

Critical Care, Pulmonary & Sleep Associates (CCPSA) in Colorado has experienced a data breach that has impacted more than 23,300...

Valley Hope Association has announced that an unauthorized individual has gained access to the email account of an employee. Valley...

Centerstone Insurance and Financial Services, operating as BenefitMall, has started notifying more than 111,000 individuals that some of their protected...

Choice Rehabilitation of Creve Coeur, MO, has discovered an unauthorized individual hacked into a corporate email account of one of...

Approximately 32,000 patients of the University of Vermont Health Network’s Elizabethtown Community Hospital are being notified that some of their...

Prairie Fields Family Medicine in Fremont, NE, is alerting 6,450 patients that some of their protected health information was contained...

Certain current and former patients of St. John’s Episcopal Hospital and Episcopal Health Services in New York are being notified...

HealthEquity is notifying 165,800 individuals that some of their protected health information has been exposed as a result of a...

Texas-based First Care Health Plans is notifying more than 8,000 plan members that some of their personal information may have...

A new report by Cofense has revealed the most common healthcare phishing emails and which messages are most likely to...

Novato, CA-based Biomarin Pharmaceutical has discovered two employee email accounts have been compromised as a result of a phishing attack...

Hopebridge, an Indiana-based network of 28 autism treatment centers throughout the Midwest, has discovered it has been the victim of...

InterAct of Michigan, a provider of mental health and substance abuse treatments through clinics in Kalamazoo and Grand Rapids, has...

Two more healthcare organizations have reported phishing attacks that have resulted in cybercriminals gaining access to the protected health information...

The email account of an employee of Billings Clinic in Billings, MT, that contained the protected health information of 8,435...

The FBI has released its 2017 Internet Crime Report. Data for the report came from complaints made through its Internet...

UnityPoint Health has discovered the email accounts of several employees have been compromised and accessed by unauthorized individuals. Access to...

Beverly Hills, CA-based RoxSan Pharmacy has notified 1,049 patients that some of their protected health information has been disclosed to...

Primary Health Care Inc., a non-profit network of community health centers in Des Moines, Marshalltown and Ames, IA, has discovered...

Two email-related data breaches have been reported that have resulted in the disclosure of the protected health information of more...

53,173 patients who received services from Onco360 and CareMed Specialty Pharmacy have been notified that some of their protected health...

The Detroit-based Henry Ford Health System has started notifying almost 18,500 patients that some of their protected health information has...

A recent survey showed 98% of top healthcare providers have yet to implement the DMARC (Domain-based Message Authentication, Reporting &...

The protected health information (PHI) of 932 members of the Texas Children’s Health Plan has been discovered to have been...

Augusta, GA-based RiverMend Health, a provider of specialty behavioral health services including services for drug and alcohol addiction, has discovered...

A response to a phishing email has resulted in the PHI of 2,789 Kaleida Health patients being made accessible to...

The danger of phishing has been highlighted by an incident reported by Torrance Memorial Medical Center in Claysburg, PA. The...

New London, CT-based Sound Community Services Inc., a not-for-profit provider of education, support and assistance for individuals with persistent mental...

An electronic survey can provide healthcare organizations with valuable information to improve patient services; however, in the case of Rutland...

An unauthorized individual has gained access to an email account of an employee of Hill Country Memorial Hospital and sent...

644 participants of the Raising St. Louis program run by BJC HealthCare have been notified that some of their personally...

Saliba’s Extended Care Pharmacy in Phoenix, Arizona is alerting more than 6,500 patients to an accidental disclosure of some of...

The North Carolina Department of Health and Human Services has announced that the names, addresses, and Medicaid numbers of 12,731...

Health Department officials in Multnomah County, OR, have discovered that an employee set up an automatic mail forwarder on an...

In the past few days, two email spoofing attacks have been reported by healthcare organizations that have resulted in the...

The Tacoma, WA-based MultiCare Health System has announced that the email account of one of its employees has been compromised...

Almost 3,200 patients of the Medical College of Wisconsin have been notified that some of their protected health information has...

Today, a breach notice has appeared – dated August 18 – on the Department of Health and Human Services’ Office...

In February, patients of the Mayfield Clinic of Cincinnati, Ohio were sent an email containing a malicious attachment which downloaded...

JASACare, a New York-based home care services provider, has reported it has been attacked by hackers who managed to gain...

A phishing attack on California’s City of Hope Hospital has resulted in four staff email accounts being compromised. Three out...

BJC HealthCare, a not-for-profit health system based in St. Louis, MO., has started notifying 2,393 of its patients that some...

Just a matter of days after Magnolia Health Corporation, CA., announced one of its employees had fallen for a spoofed...

Magnolia Health Corporation is the latest healthcare provider to report a data breach caused by an employee responding to a...

Hillsides, a child welfare agency based in Pasadena, CA, has discovered that a former employee emailed highly confidential patient and...

A spreadsheet containing 14,910 patient names, along with Social Security numbers, dates of birth, telephone numbers, addresses, email addresses, past...

Even robust data security controls can be easily undone, as discovered by Middlesex Hospital in Connecticut. An email phishing scam...

A New York doctor made a simple but highly serious error this week that resulted in approximately 15,000 Social Security...

The spate of employee emailing errors continues, with the latest entry in the Office for Civil Rights “Wall of Shame”...

On July 24, Advanced Radiology Consultants, LLC., announced a data security event that exposed the data of a small subset...

A New York City Health and Hospitals Corporation (HHC) hospital HIPAA breach has been reported in which 3,334 patients’ Protected...

St. Louis County Health Department has reported that a former employee has inadvertently breached the Health Insurance Portability and Accountability...