Healthcare Industry Legal News

• Gandara Mental Health Center Settles Class Action Data Breach Lawsuit
• Oglethorpe Settles Data Breach Lawsuit
• Alpine Ear, Nose, & Throat Settles Class Action Data Breach Lawsuit
• Former Maryland Pharmacist Indicted Over 8-Year Cyber Spying Campaign
• American Cybersecurity Professionals Given Jail Terms for BlackCat Ransomware Attacks
• Southern Illinois Healthcare Enterprises Pixel Settlement Approved
• Settlements Agreed to Resolve Two Class Action Healthcare Data Breach Lawsuits
• SAG-AFTRA Health Plan Settles Lawsuit Over 2024 Phishing Incident
• South Texas Oncology and Hematology Pays $1.1M to Settle Data Breach Lawsuit
• Alabama Ophthalmology Associates Data Breach Settlement Gets First Nod
• Healthcare AI Firm Sued Over Alleged Unlawful Disclosures of Genetic Data
• Absolute Dental Settles Class Action Data Breach Lawsuit for $3.3M
• Tangoe Data Breach Settlement Receives Preliminary Approval
• $3.75M Settlement Resolves Data Breach Lawsuit Against Chattanooga Heart Institute
• Illinois Bone and Joint Institute Settles Class Action Data Breach Lawsuit for $4M
• Anne Arundel Dermatology Pays $2.4M to Settle Data Breach Lawsuit
• Settlement Agreed to Resolve Class Action Data Breach Litigation Against Concord Orthopaedics
• OrthopedicsNY Settles Class Action Data Breach Lawsuit for $1.45M
• Cardiovascular Consultants Pays $3.85M to Settle Data Breach Litigation
• Iowa AG Sues Change Healthcare Over 2024 Ransomware Attack
• Eye Physicians of Central Florida Data Breach Settlement
• Excelsior Orthopaedics; Buffalo Surgery Center Pay $2.4 Million to Settle Data Breach Lawsuit
• Balance Autism Settles Class Action Data Breach Lawsuit
• Akeela Data Breach Settlement Gets First Nod from the Court
• Essen Medical Associates Agree to $4 Million Settlement to Resolve Class Action Data Breach Lawsuit
• GuardDog Telehealth Admits Improper Access to Medical Records
• Long Island Plastic Surgical Group Settles Class Action Lawsuit Over BlackCat Ransomware Attack
• Proliance Surgeons Settles Data Breach Litigation for $4,450,000
• $2.35 Million Settlement Agreed to Resolve Cornerstone Specialty Hospitals Data Breach Lawsuit
• Former Nuance Employee Pleads Guilty to Stealing 1.2 Million Patient Records
• General Physician Pays $2.5 Million to Settle Data Breach Litigation
• Asheville Eye Associates Settles Lawsuit Stemming from DragonForce Ransomware Attack
• Rebound Orthopedics & Neurosurgery Pays $2.5 Million to Settle Data Breach Lawsuit
• Catholic Health System & Northwell Health Settle Pixel Lawsuits
• Carespring Health Care Management & LifeBridge Health Settle Class Action Data Breach Lawsuits
• Data Breach Settlements Agreed by Centrelake Medical Group & Des Moines Orthopaedic Surgeons
• Emergency Medical Services Authority & Compassion Health Care Settle Data Breach Litigation
• Pinehurst Radiology Associates & Tallahassee Memorial HealthCare Settle Class Action Data Breach Lawsuits
• Three Healthcare Providers Settle Class Action Data Breach Lawsuits
• Staten Island University Hospital Settles Lawsuit Over Business Associate Data Breach
• McLaren Health Care Pays $14 Million to Settle Litigation Over Ransomware Attacks
• Legacy Health & Garnet Health Settle Class Action Lawsuits Over Website Tracking Tools
• Capital Health Data Breach Litigation Settled for $4.5M
• Gryphon Healthcare Agrees to Pay $2.87M to Settle Class Action Data Breach Lawsuit
• Northwell Health & Northbay Healthcare Settle Litigation Over Website Pixel Use
• Four Healthcare Providers Settle Class Action Lawsuits Over Data Breaches
• Texas & New Jersey Dermatology Practices Settle Class Action Data Breach Lawsuits
• HIPAA Enforcement by State Attorneys General
• Numotion Agrees to Pay $4 Million to Settle Litigation Stemming from 2024 Data Breaches
• Veradigm to Pay $10.5M to Settle Class Action Data Breach Lawsuit
• Epic Sues Health Information Exchange Network Alleging Improper Record Access
• PharMerica Pays Over $5.2 Million to Settle Class Action Data Breach Lawsuit
• Consulting Radiologists Pays $2.2M to Settle Class Action Data Breach Litigation
• Settlement Resolves Data Breach Litigation Against Falcon Healthcare-Interim Healthcare of Lubbock Texas
• Judge Gives First Nod to $1M Community First Medical Center Data Breach Settlement
• Continuum Health Alliance Settles Class Action Data Breach Lawsuit
• Can A Patient Sue for A HIPAA Violation?
• New Liberty Hospital; New York Blood Center; Memorial Blood Centers Settle Data Breach Lawsuits
• Murfreesboro Medical Clinic Settles Lawsuit Over 559K-record Data Breach
• VisionPoint Eye Center Data Breach Victims Benefit from $750,000 Settlement
• Oklahoma Spine Hospital Agrees to $1.1M Data Breach Settlement
• Dakota Eye Institute Settles Class Action Data Breach Lawsuit for $1 Million
• Sunflower Medical Group to Pay Up to $1.2 Million to Settle Class Action Data Breach Lawsuit
• Class Action Data Breach Settlements Agreed with Three Healthcare Providers
• OCR Agrees to $112,500 Settlement with Concentra to Resolve HIPAA Right of Access Violation
• $3.5M Settlement Agreed to Resolve Group Health Cooperative of South Central Wisconsin Data Breach Lawsuit
• Cerebral & RAYUS Radiology Settle Pixel Lawsuits
• Sutter Health, Lemonaid Health, & Redeemer Health Settle Pixel Data Breach Lawsuits
• Memorial Hospital and Manor Agrees to Settle Ransomware Class Action Lawsuit
• Behavioral Health Resources Pays $1.1 Million to Settle Data Breach Lawsuit
• Kaiser Permanente Agrees to Pay Up to $47.5 Million to Settle Web Tracker Litigation
• Texas Attorney General Dismisses Complaint Against HHS Seeking Vacatur of HHS Final Rules
• $3.5 Million Mindpath Health Data Breach Settlement Gets First Nod
• Main Line Fertility Center Settles Tracking Technology Lawsuit
• Rancho Family Medical Group Agrees to Pay $315K to Settle Data Breach Litigation
• Trinity Health; Precision Imaging Centers Settle Class Action Data Breach Lawsuits
• Goshen Health & Hancock Health Settle Pixel Data Breach Lawsuits
• Watson Clinic Agrees to $10 Million Data Breach Settlement
• $6.5 Million Settlement Resolves Omni Family Health Class Action Data Breach Lawsuit
• CarePro to Pay $1.3 Million to Settle Class Action Data Breach Lawsuit
• Discovery Practice Management Settles Lawsuit Over 2020 Data Breach
• Data Breaches Announced by Sun Valley Surgery Center & American Associated Pharmacies
• MedQ Agrees to Settlement to Resolve Ransomware Attack Lawsuit
• First Choice Dental Agrees to Pay up to $1,225,000 to Settle Data Breach Lawsuit
• University of Tennessee Medical Center & Margaret Mary Community Hospital Settle Meta Pixel Lawsuits
• Willis-Knighton Medical Center Settles Website Tracking Technology Lawsuit
• Pomona Valley Hospital Medical Center Pays $600K to Settle Meta Pixel Lawsuit
• Neuromusculoskeletal Center of The Cascades Settlement Provides Cash Benefits for Breach Victims
• Therapeutic Health Services Pays $790K to Resolve Class Action Data Breach Litigation
• $19.3 Million Settlement Proposed to Resolve NextGen Class Action Data Breach Lawsuit
• Yale New Haven Health Agrees to $18 Million Data Breach Settlement
• Greater Cincinnati Behavioral Health Services Pays $850K to Settle Data Breach Litigation
• Fraser Child and Family Center Agrees to $750,000 Data Breach Settlement
• City of Hope Settles Class Action Data Breach Lawsuit
• Akumin Agrees to Pay $1.5 Million to Settle Class action Data Breach Lawsuit
• Eastern Radiologists Agrees to $3.35 Million Data Breach Settlement
• Orthopedics Rhode Island Agrees to Pay $2.9 Million to Settle Class Action Data Breach Lawsuit
• $49.99M Settlement Agreed to Resolve Class Action Data Breach Lawsuit Against Heritage Provider Network et al
• ALN Medical Management to Pay $4 Million to Settle Class Action Data Breach Lawsuit
• Skagit Regional Health Settles Meta Pixel Class Action Litigation
• Reid Health Settles Meta Pixel Class Action Data Breach Lawsuit
• EyeMed Vision Care Agrees to Pay $5 Million to Settle Class Action Data Breach Lawsuit
• $2.55M Settlement Agreed to Resolve Octapharma Plasma Data Breach Lawsuit
• SSM Health Agrees to Settle MyChart Patient Portal Tracking Lawsuit
• Hospital Sisters Health System Settles Class Action Data Breach Lawsuit for $7.6 Million
• Flo Health; Google; Flurry to Pay $59.5M to Settle Privacy Lawsuit
• Bayhealth Medical Center Agrees to Settle 2024 Data Breach Lawsuit
• LCMC Health Agrees to Settle Lawsuit Over Tracking Code on Patient Portal
• OneBlood Will Pay Up to $1M to Settle Class Action Data Breach Lawsuit
• Medusind to Pay $5 Million to Settle Data Breach Litigation
• Columbia University Health Care to Pay $600,000 to Settle Data Breach Lawsuit
• Jefferson Healthcare Agrees to Settle Meta Pixel Class Action Litigation
• 23andMe Requests Bankruptcy Judge Approve Revised $50 Million Data Breach Settlement
• Alphabet’s Verily Sued by Former Executive Over Alleged HIPAA Breaches
• $13.75M Settlement Agreed to Resolve WebTPA Class Action Data Breach Litigation
• R1 RCM & Dignity Health to Pay $675,000 to Settle Data Breach Lawsuit
• Adena Health to Pay $1.73 Million to Settle Pixel Lawsuit
• HHS Agrees to Settlement Requiring the Restoration of Deleted Health Data and Websites
• Settlement Agreed to Resolve Weirton Medical Center Data Breach Lawsuit
• CVS Health Faces HIPAA Probe Over Alleged Use of Patient Data for Lobbying and Political Advocacy
• Morris Hospital Agrees to $1.36M Class Action Data Breach Settlement
• Couple Plead Guilty to $1M Fraud Scheme Involving Stolen Patient Data
• Children’s Hospital Medical Center of Akron Settles Pixel Class Action Settlement
• Mount Sinai Health System Settles Web Tracking Lawsuit for $5.3 Million
• $2.8 Million Cryptocurrency Seizure from Ransomware Operator That Targeted Healthcare
• Federal Judge Blocks HHS from Sharing Medicaid Data with ICE
• Nuance Communications Settles MOVEit Lawsuit for $8.5 Million
• Heartland Alliance Agrees to Data Breach Settlement
• The Christ Hospital Agrees to Pay up to $7 Million to Resolve Pixel Litigation
• Cencora & The Lash Group Settle Data Breach Litigation for $40 Million
• Family Health Center; NorthCare Settle Data Breach Lawsuits
• Boston Children’s Health Physicians Pays $5.15M to Settle Data Breach Lawsuit
• Medical and Dental Groups Settle Class Action Data Breach Lawsuits
• HCA Healthcare Multi-Million Dollar Data Breach Settlement Approved
• Healthcare Organizations Settle Website Tracking Class Action Lawsuits
• Bone & Joint Clinic Settles Ransomware Class Action Lawsuit for $575,000
• Lake Charles Memorial Health Agrees to $2 Million Data Breach Settlement
• BJC HealthCare Settles Website Tracking Lawsuit for up to $9.25 Million
• MedStar Health Agrees to $1.35 Million Settlement to Resolve Class Action Data Breach Litigation
• Florida Gastroenterology Practice Settles Data Breach Class Action Complaint
• Specialty Networks Settles Class Action Data Breach Lawsuit for $2.6 Million
• California Teaching Hospital Settles Meta Pixel Data Breach Lawsuit
• Northbay Healthcare Settles Data Breach Litigation for $3.6 Million
• ProSmile Holdings Settles Class Action Data Breach Lawsuit
• Community Care Alliance Agrees to Pay $1.09 Million to Settle Class Action Ransomware Lawsuit
• $14 Million Settlement Approved to Resolve Independent Living Systems Data Breach Litigation
• East Carolina Health Settles Data Leak Lawsuit for $250,000
• Henry Ford Health Settles Tracking Technology Lawsuit
• MarinHealth Pays $3 Million to Settle Class Action Meta Pixel Lawsuit
• Gramercy Surgery Center Agrees to Pay $400,000 to Cover Data Breach Claims
• HHS; DHS Sued by 20 States for Alleged Illegal Medicaid Data Disclosure
• Healthcare Hacker Facing Extradition to US and Up to 50 Years in Jail
• $918,510 Settlement Agreed to Resolve Data Breach Litigation Against OB/GYN Clinics
• Arisa Health to Pay $1.9 Million to Settle Data Breach Litigation
• MNGI Digestive Health Agrees to Pay $2.8 Million to Settle Data Breach Lawsuit
• $5.48 Million Settlement Approved to Resolve HealthEC Data Breach Litigation
• Google Must Face Majority of Claims in Healthcare Tracking Technology Class Action
• University of Rochester Medical Center Settles Pixel Lawsuit for $2.85M
• Serviceaide Facing Multiple Class Action Lawsuits Over 483K-Record Data Breach
• Practice Resources Agrees to $1.5 Million Data Breach Settlement
• Planned Parenthood Patients File Lawsuits Over Laboratory Services Cooperative Data Breach
• $4.4 Million Settlement Agreed to Resolve WellNow Urgent Care Data Breach Litigation
• Shields Health Care Agrees to $15.35 Million Settlement to Resolve Data Breach Litigation
• Coastal Orthopedics Agrees to Pay $1.4 Million to Settle Data Breach Litigation
• Robeson Health Care Corp. Agrees to $750K Data Breach Settlement
• Netgain Technology Agrees to $1.9 Million Settlement to Resolve Data Breach Litigation
• Imagine360 Settles Data Breach Lawsuit for $475,000
• $20 Million Settlement Agreed to Resolve Fortra GoAnywhere Data Breach Multidistrict Litigation
• City of Oakland Agrees Settlement to Resolve Class Action Data Breach Lawsuit
• Somnia’s $2.4 Million Data Breach Settlement Receives Final Approval
• AllCare Plus Pharmacy Settles Class Action Data Breach Lawsuit
• Ransomware Attack on Frederick Health Medical Group Affects 934,000 Patients
• Dameron Hospital Settles Class Action Data Breach Lawsuit For $650,000
• Navvis & Company; SSM Health Agree to $6.5 Million Data Breach Settlement
• Fairview Health Services Sues Change Healthcare After Incurring $7 Million in Losses
• Business Associate Sued By HIPAA-Covered Entity over Alleged HIPAA Security Rule Failures
• Cybersecurity Firm CEO Charged with Installing Malware on a Hospital Computer
• KU Health Facing Lawsuit Over Worker’s Unlawful Accessing of Nude Patient Photos
• Saint Louis University Agrees to $2 Million Settlement to Resolve Data Breach Lawsuit
• Hi-School Pharmacy Agrees to Settle Data Breach Lawsuit for $600,000
• Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement
• Website Tracking Lawsuit Against Orlando Health Survives Motion to Dismiss
• Nebraska Enacts Law Protecting Companies from Class Action Liability for Cyber Events
• $17.5 Million Settlement Resolves Infosys McCamish Systems Data Breach Lawsuit
• Columbus Regional Healthcare Agrees to $1,175,000 Data Breach Settlement
• Settlement Agreed to Resolve RIPTA Ransomware Attack Lawsuit
• CareFirst BCBS Sues Change Healthcare Over February 2024 Ransomware Attack
• Apria Healthcare Agrees to $6.4M Data Breach Settlement
• Rite Aid Settles Data Breach Lawsuit for $6.8 Million
• Supreme Court Declines Petition to Take on Data Breach Case Against South Carolina FQHC
• Harvard Pilgrim Health Care to Pay $16 Million to Settle Data Breach Litigation
• New York Labor Union Settles Data Breach Lawsuit for $6 Million
• Fred Hutchinson Cancer Center Settles Class Action Data Breach Lawsuit for $11.5M
• Arietis Health Settles MOVEit Data Breach Lawsuit for $2.8 Million
• TRICARE Administrator Pays $11.23M Penalty to Resolve Cybersecurity-related FCA Claims
• Berry, Dunn, McNeil & Parker Agree to $7.25 Million Data Breach Settlement
• Judge Approves $7 Million Brightline Data Breach Settlement
• Southeast Series of Lockton Companies to Pay $9.9 Million to Settle Data Breach Litigation
• District of Columbia Health Benefit Exchange Authority Agrees to $1.45M Data Breach Settlement
• California Department of Corrections and Rehabilitation Settles 2022 Data Breach Lawsuit
• Mulkay Cardiology Consultants Agrees Settlement to Resolve Ransomware-related Lawsuit
• Settlement Resolves Rise Interactive Media & Analytics Class Action Data Breach Lawsuit
• Vi Living Settles Class Action Data Breach Lawsuit
• DOJ Drops Charges Against Surgeon Who Exposed Continuing Transgender Care at Texas Children’s
• Professional Finance Company Settles Class Action Data Breach Lawsuit for $2.5 Million
• Iowa Doctor Jailed for Unauthorized Medical Record Access
• Enzo Biochem Settles Ransomware Data Breach Class Action for $7.5 Million
• Morrison Community Hospital Agrees to $675K Settlement to Resolve Ransomware Lawsuit
• Hapy Bear Surgery Center Agrees to Settle Data Breach Lawsuit
• McPherson Hospital Agrees to $500,000 Settlement to Resolve Class Action Data Breach Lawsuit
• Eskenazi Health Pays $2.5 Million to Resolve Class Action Data Breach Lawsuit
• $8 Million Settlement Agreed in MU Health Care Data Breach Lawsuit
• Tampa General Hospital Settles Data Breach Lawsuit for $6.8M
• Brightline Agrees to $7 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Second NetWalker Ransomware Affiliate Sentenced to 20 Years in Jail
• Russian-Israeli National Faces 41-Count Indictment for LockBit Development
• Luxottica Agrees $250,000 Settlement to Resolve Data Breach Litigation
• Jefferson Health Sued for Meta Pixel Privacy Violations
• Kaye-Smith Settles Class Action Data Breach Lawsuit for $2 Million
• HealthAlliance Pays $550,000 for Failing to Address a Known Cybersecurity Vulnerability
• Healthcare Hacker Sentenced to 10 Years in Jail
• $8.9 Million Data Breach Settlement Agreed by Elekta & Northwestern Memorial Healthcare
• VA Nurse Charged for Unlawfully Accessing a Patient’s Medical Records
• Mount Nittany Health Agrees $1.8 Million Settlement for Using Website Tracking Technologies
• GoodRx Agrees to $25 Million Settlement to Resolve Tracking Technology Lawsuit
• Russia Arrests Alleged HIVE/LockBit Ransomware Actor Wanted by FBI
• Postmeds Agrees to $7.5 Million Settlement to Resolve Data Breach Lawsuit
• Oak Valley Hospital & Pacific Cataract & Laser Institute Data Breach Settlements Await Final Approval
• Judge Approves $1.5 Million One Brooklyn Health Data Breach Settlement
• Cummins Behavioral Health Settles Data Breach Lawsuit for Up to $2.1 Million
• LinkedIn, Meta, and Healthcare Companies Sued for Using Tracking Tools
• Texas Attorney General Sues 2 Texas Physicians for Providing Gender-Affirming Care to Minors
• Court of Appeals Revives Chelan-Douglas Health District Data Breach Lawsuit
• Texas Doctor Sues HHS to Prevent Enforcement of Reproductive Health Care Privacy Rule
• Great Expressions Dental Centers Settle Data Breach Lawsuit for $2.7 Million
• East River Medical Imaging $1.85 Million Settlement Due to Receive Final Approval
• Supreme Court Declines to Hear Biden Administration’s Challenge in Texas Emergency Abortion Dispute
• Four Individuals Connected to LockBit Ransomware Attacks Arrested; Evil Corp Members Sanctioned
• CorrectCare Integrated Health Data Breach Lawsuit Settled for $6.49 Million
• Lehigh Valley Health Network Data Breach Lawsuit Settled for $65 Million
• St. Croix Regional Medical Center Settles Lawsuit Alleging Overcharging for Medical Records
• Karakurt Ransomware Group Member Charged in Ohio
• Atlantic General Hospital Settles Data Breach Lawsuit for $2.25 Million
• Humana Agrees to Settle Part D Whistleblower Lawsuit for $90 Million
• Acadian Ambulance Facing Multiple Class Action Lawsuits Over Data Breach
• Prospect Medical Holdings Data Breach Lawsuit Survives Motion to Dismiss
• Rite Aid Facing Class Action Lawsuit Over Data Breach Impacting 2.2 Million Customers
• Children’s Online Privacy Legislation Overwhelmingly Passed by Senate
• Pharmacy Association and 40 Providers Sue Change Healthcare Over Cyberattack
• MCG Health Settles Class Action Data Breach Lawsuit for $8.8 Million
• Class Action Lawsuit Alleges Pruitt Health Ransomware Attack Due to Negligence
• Lurie Children’s Hospital Sued Over January 2024 Ransomware Attack
• $3.4M Settlement Resolves Claims Against Nationwide Vision/Sightcare Over 2021 Data Breach
• ONC Proposes Rule to Improve Patient Engagement, Information Sharing, and Interoperability
• LivaNova Facing Multiple Class Action Lawsuits Over October 2023 Cyberattack
• Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims
• Seattle Plastic Surgery Practice to Pay $5 Million to Resolve False Review and Illegal NDA Lawsuit
• Heritage Valley Health System Pays $950,000 to Settle Alleged HIPAA Security Rule Violations
• Texas Judge Vacates OCR’s Website Tracking Technology Guidance
• Sav-Rx Sued Over 2.8 Million-record Data Breach
• Adventist Health Settles Alleged HIPAA Violations with California Attorney General
• Superior Air-Ground Ambulance Service Facing Class Action Lawsuit Over 858K-Record Data Breach
• Blackbaud Agrees to $6.75 Million Data Breach Settlement with California
• Texas Children’s Hospital Whistleblower Doctor Indicted on Four Counts of Criminal HIPAA Violations
• Designed Receivable Solutions Sued Over 500M-Record Data Breach
• Class Action Lawsuit Filed Against Cencora/Lash Group Over Cyberattack
• Mercy Health Agrees to Pay $1.8 Million to Settle Insider Data Breach Lawsuit
• Mistrial Declared in Criminal HIPAA Prosecution of Couple Who Disclosed PHI to Undercover FBI Agent
• Palm Beach Health Sued for Alleged Use of Meta Pixel Tracking Code on Patient Portal
• FTC Finalizes Settlement with Blackbaud and Orders Deletion of Personal Data
• Judge Denies Class Certification in Blackbaud Lawsuit
• Settlement Proposed to Resolve Gifted Healthcare Data Breach Lawsuit
• Presbyterian Healthcare Services Agrees to Settle Email Breach Lawsuit
• BioPlus Specialty Pharmacy Services Proposes Settlement to Resolve Data Breach Lawsuit
• BakerHostetler Report Identifies Healthcare Data Breach and Litigation Trends
• Federal Judge Tosses CommonSpirit Health Data Breach Lawsuit Due to Lack of Standing
• Ernest Health Sued Over 2024 Ransomware Attack and Data Breach
• MedData Settles Class Action Data Breach Lawsuit for $7 Million
• FTC Prohibits Alcohol Addiction Firm from Sharing Consumer Data with Third Parties
• FTC Fines Mental Health Company Cerebral $7.1 Million for Consumer Privacy Violations
• Orrick, Herrington & Sutcliffe Agree $8 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Children’s Healthcare of Atlanta Sued for Disclosing Health Information to Facebook
• Atlanta Women’s Health Group Sued Over 2023 Ransomware Attack
• Seattle Children’s Hospital Website Tracking Technology Lawsuit Dismissed with Prejudice
• Planned Parenthood Los Angeles Settles Class Action Data Breach Lawsuit for $6 Million
• Contract Class Certified in CareFirst Data Breach Lawsuit 9 Years After Legal Action was Initiated
• Lamoille Health Partners Settles Class Action Data Breach Lawsuit for $540,000
• New Jersey Nursing Facility to Pay $100,000 CMP to Resolve HIPAA Right of Access Violation
• Utah Updates Breach Notification Law
• Med-Data Settles Data Breach Lawsuit for $7 Million
• Roper St. Francis Healthcare Settles Data Breach Lawsuit for $1.5 Million
• Avem Health Partners Agrees $1.45 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Petersen Health Care Files for Bankruptcy Following Ransomware Attacks
• Healthcare Providers Sue UnitedHealth Group Over Change Healthcare Ransomware Attack
• Concentra Health Services Sued Over PJ&A Data Breach
• Tennessee Orthopaedic Clinics Settles Class Action Data Breach Lawsuit
• LockBit Affiliate Sentenced to 4 Years in Jail and Ordered to Pay $860,000 in Restitution
• Class Action Lawsuits Filed Against American Vision Partners Over Data Breach
• Multiple Class Action Lawsuits Filed in Response to Change Healthcare Ransomware Attack
• Personal Touch Holding Corp. Settles Class Action Data Breach Lawsuit
• Indiana Attorney General Files Lawsuit Against Apria Healthcare Alleging HIPAA Violations
• Empress Ambulance Service Settles Class Action Lawsuit for $1.05 Million
• Boss of Gang Behind Attack on University of Vermont Medical Center Facing 40 Years in Jail
• Connexin Software Proposes Class Action Lawsuit Settlement to Avoid Bankruptcy
• Fortra GoAnywhere Hacking Lawsuits Consolidated in the Southern District of Florida
• HHS Issues Final Rule Modifying the Confidentiality of Substance Use Disorder Patient Records Regulations
• U.S. Fertility Proposes $5.75 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Malicious Insider Incident at Montefiore Medical Center Results in $4.75 Million HIPAA Penalty
• FTC Orders Blackbaud to Improve Security and Enforce Data Retention Policies
• Florida Bill Seeks Safe Harbor for Organizations with Robust Cybersecurity Programs
• Russian National Sanctioned for Medibank Ransomware Attack
• Lincare Holdings Proposes $7.25 Million Settlement to Resolve Data Breach Lawsuit
• December 2023 Healthcare Data Breach Report
• Merck Reaches Settlement with Insurers over $1.4 Billion NotPetya Malware Attack
• Novant Health Settles $6.6 Million Pixel Privacy Breach Lawsuit
• LockBit Ransomware Group Behind Capital Health Cyberattack
• ReproSource Fertility Diagnostics Proposes $1.25 Million Class Action Data Breach Settlement
• Former Executive Sentenced to Probation for HIPAA Violation
• Michigan Attorney General Calls for New Data Breach Notification Law
• FTC Prohibits Rite Aid from Using Facial Technology System for Surveillance for 5 Years
• Fred Hutchinson Cancer Center Lawsuits Mount After Cyberattack and Data Breach
• Website Pixel Use Leads to $300K Fine for New York Presbyterian Hospital
• Seattle Children’s Hospital Sues Texas AG Over Demand for Trans Youth Medical Records
• MedStar Mobile Health Data Breach Settlement Proposed
• Horizon Actuarial Services Proposes $8.73M Settlement to Resolve Class Action Data Breach Lawsuit
• ALPHV/BlackCat Ransomware Operation Disrupted by FBI
• What is FINRA Compliance?
• Missouri Attorney General Files Lawsuit in Response to WU Refusal to Provide Transgender Patients’ Records
• Healthplex Settles Data Breach Investigation with NY Attorney General for $400,000
• Michigan Increases Penalties for Violence Against Healthcare Workers
• OCR Imposes First HIPAA Penalty in a Phishing Attack Investigation
• CarePointe ENT Settles HIPAA Lawsuit with Indiana Attorney General
• Iowa Community HomeCare Sued Over March 2023 Ransomware Attack
• Kroger Sued for Disclosing Pharmacy Patient Data via Meta Pixel Tool
• Republicans and Democrats Introduce Bills to Improve Consumer Privacy Protections
• St. Joseph’s Medical Center Pays $80,000 HIPAA Fine for PHI Disclosure to a Reporter
• IT Security Company COO Pleads Guilty to Conducting Cyberattack to Win Business
• Stricter Cybersecurity Regulations Proposed for New York Hospitals
• Costco Pharmacy Patients Sue for Website Tracking Technology Disclosures of PHI to Third Parties
• New York AG Settles Data Breach Investigation of U.S. Radiology Specialists for $450,000
• Federal Judge Unseals FTC Amended Complaint Against Kochava
• AHA Files Lawsuit Challenging HHS Guidance on Tracking Technologies
• SEC Sues SolarWinds over 2019 Cyberattack Alleging Company Defrauded Investors
• Doctors’ Management Services Settles OCR HIPAA Probe for $100,000
• HHS Publishes Proposed Rule Establishing Information Blocking Disincentives for Healthcare Providers
• Wright & Filippis Proposes $2.9 Million Class Action Data Breach Settlement
• Ragnar Locker Ransomware Infrastructure Taken Down and Suspected Developer Arrested
• New York AG Settles HIPAA Case with Home Health Company for $350,000
• September 2023 Healthcare Data Breach Report
• Healthcare Clearinghouse Settles Multi-state HIPAA Investigation for $1.4 Million
• Governor Newsom Signs California Delete Act into Law
• SEC Launches Investigation into Progress Software’s MOVEit Hack
• McLaren Health Facing Multiple Class Action Lawsuits over Ransomware Attack
• Patient Consent Not Required for Disclosures of PHI for Fundraising, Rules Minnesota Supreme Court
• First Lawsuit Filed Over 23andMe Data Breach
• Marietta Area Health Care Settles Class Action Data Breach Lawsuit for $1.75 Million
• Quest Diagnostics Facing Lawsuit for Disclosing Medical Information to Third Party Debt Collectors
• HIPAA Civil Monetary Penalty Adjustments for 2023
• Blackbaud Settles Multistate Data Breach Investigation for $49.5 Million
• Indiana Attorney General Sues CarePointe Over 2021 Ransomware Attack
• Bienville Orthopaedic Specialists Sued Over March 2023 Data Breach
• Amerita Named in Class Action Lawsuit Over Data Breach at PharMerica
• CareSource Facing Multiple Class Action Lawsuits Over MOVEit Data Breach
• IBM and Johnson & Johnson Health Care Systems Sued Over August 2023 Data Breach
• Colorado Attorney General Settles Data Breach Investigation with Broomfield Skilled Nursing and Rehabilitation Center
• PurFoods Sued Over 1.2 Million-Record Mom’s Meal Data Breach
• Health Care Service Corporation Facing Class Action Data Breach Lawsuit
• Judge Grants Preliminary Approval of Salud Family Health’s Proposed Data Breach Settlement
• Indiana Attorney General Sues IU Health for Violating Rape Victim’s Privacy
• Russian National Indicted for Scripps Health Ransomware Attack; 11 TrickBot/Conti Actors Sanctioned
• UnitedHealthcare Services Sued for MOVEit Transfer Data Breach
• Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG
• L.A. Care Health Plan Settles Multiple HIPAA Violations for $1.3 Million
• Medtronic & Edward-Elmhurst Health Sued Over Web Tracker Use
• CentroMed Facing 2 Class Action Lawsuits Over 350,000-Record Data Breach
• Allwell Behavioral Health Settles Data Breach Class Action for $650,000
• Orrick, Herrington & Sutcliffe Sued Over Ransomware Attack and Data Breach
• Lawsuit Alleges Unum Group at Fault for MOVEit Data Breach
• Judge Questions Whether Website Metadata is Regulated by HIPAA
• Potential HIPAA Right of Access Violation Settled for $80,000
• Federal Judge Tentatively Advances Meta Pixel Medical Privacy Class Action
• Advocate Aurora Health Settles Pixel Lawsuit for $12.225 Million
• Performance Health Technology Facing Class Action Lawsuits Over MOVEit Cyberattack
• Tampa General Hospital Sued Over 1.3 Million Record Data Breach
• Norton Healthcare Facing Class Action Lawsuit Over BlackCat Cyberattack
• VUMC Faces Lawsuit Over Disclosure of Medical Records of Transgender Patients to State AG
• First Lawsuit Filed Against HCA Healthcare Over 11 Million-Record Data Breach
• Johns Hopkins Facing Multiple Lawsuits Over MOVEit Data Breach
• Comprehensive Data Privacy Law Passed by the Delaware Legislature
• $6 Million Settlement Proposed to Resolve UKG/Kronos Data Breach Lawsuit
• HHS-OIG Final Rule Authorizes Information Blocking Penalties of up to $1 Million for Health IT Vendors
• HIPAA Business Associate Fined $75,000 for Maintaining ePHI on an Unsecured Server
• Great Valley Cardiology Sued over 181,000-Record Data Breach
• Nevada Consumer Health Data Bill Signed into Law
• Good Samaritan Hospital Settles Class Action Data Breach Lawsuit
• Intellihartx Facing Class Action Lawsuit Over 490K-Record Data Breach
• Onix Group Sued for Failing to Prevent Ransomware Attack and 320K-Record Data Breach
• Kaiser Permanente Fined $450,000 for CMIA Violations Due to Mailing Error
• Russian National Arrested and Charged for LockBit Ransomware Attacks
• 21,000-Record Data Breach Sparks Trinity Health Class Action Lawsuit
• Senate Committee Advances Rural Hospital Cybersecurity Enhancement Act
• Ransomware Attack Triggers Multiple Lawsuits Against Harvard Pilgrim Healthcare & Point32Health
• Blackbaud Had No Common Law Duty to Ensure the Confidentiality of Trinity Health’s Data
• Supreme Court Ruling Narrows Reach of Identity Theft Law
• FTC Files Amended Complaint Against Kochava for Selling Geolocation Data
• Settlement Agreed to Resolve Comprehensive Health Services Data Breach Lawsuit
• State Legislature Passes Texas Data Privacy and Security Act
• Amazon & FTC Agree $25 Million Settlement to Resolve Alleged FTC Act and COPPA Violations
• Florida Bans Offshore Storage of Electronic Health Records
• Arizona Man Sentenced to 54 Months in Criminal HIPAA Violation Case
• Doctor Fined for Privacy Violations Following Abortion on 10-Year-Old Rape Victim
• NY AG Fines Medical Management Company $550,000 for Patch Management Failures
• Updated Pennsylvania Breach of Personal Information Notification Act Now in Effect
• FTC Proposes Changes to Modernize the Health Breach Notification Rule
• NextGen Healthcare Facing Multiple Class Action Data Breach Lawsuits
• EyeMed Vision Care Settles Multistate Data Breach Investigation for $2.5 Million
• Maxim HealthCare Services Proposes Settlement to Resolve Email Breach Lawsuit
• SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit
• University of Iowa Hospitals and Clinics Sued for Unlawful Disclosures of PHI to Facebook
• Federal Court Dismisses FTC Complaint Against Kochava
• Pittsburgh Counselor Fined $15,000 for HIPAA Right of Access Violation
• Patient No Longer Seeking Injunction to Force Healthcare Provider to Pay Ransom
• 90 Degree Benefits Facing Class Action Lawsuit Over 181,500-Record Data Breach
• Former Methodist Hospital Employees Plead Guilty to Criminal HIPAA Violations
• Utah Updates Data Breach Notification Requirements
• March 2023 Healthcare Data Breach Report
• Lawsuit Filed Against Conifer & Tenet Healthcare Over Email Account Breach
• Insight Global Settles Class Action Data Breach Lawsuit
• NuLife Med Settles Class Action Data Breach Lawsuit
• Judge Denies Class Certification in CareFirst Data Breach Lawsuit
• Illinois Gastroenterology Group Settles 2021 Data Breach Lawsuit
• Lawsuits Mount Against DC Health Link Over Breach of Congress Members’ Data
• FBI: Losses to Cybercrime Increased by 49% in 2022 to $10.3 Billion
• Class Action Lawsuit Filed Against Cardiovascular Associates Over 441K-Record Data Breach
• Independent Living Systems Sued Over 4 Million-Record Data Breach
• Multiple Lawsuits Filed Against Arkansas Hospitals Over Data Breaches
• Settlement Agreed with Florida Children’s Health Insurance Website Contractor to Resolve False Claims Act Allegations
• Lehigh Valley Health Network Sued After Ransomware Gang Publishes Nude Patient Images
• $3 Million Settlement with Blackbaud Resolves SEC Allegations of Misleading Disclosures About Ransomware Attack
• Reventics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach
• Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach
• Democratic Senators Introduce Legislation to Ban the Use of Health Information for Advertising
• Four Californian Medical Groups Sued over Data Breach Affecting 3.3 Million Patients
• Suspected DoppelPaymer Ransomware Core Members Arrested in Europol-Led Operation
• Florida Man Pleads Guilty in Medicare Beneficiary Identifier Trafficking Case
• Settlement Reached in Preferred Home Care Data Breach Lawsuit
• True Health New Mexico Proposes Settlement to Resolve Class Action Data Breach Lawsuit
• CentraState Medical Center Facing Class Action Lawsuit Over December 2022 Ransomware Attack
• ACLA Expands Class Action Lawsuit Against RIPTA and UnitedHealthcare New England
• Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit
• Louisiana Health Systems Sued for Pixel-Related Disclosures of Patient Information
• Electromed Proposes $825,000 Class Action Data Breach Settlement
• Umass Memorial Health Proposes $1.2 Million Settlement to Resolve Data Breach Lawsuit
• Another Lawsuit Filed Against Connexin Software Over 2.2 Million-Record Data Breach
• $3 Million Settlement Proposed to Resolve 20/20 Eye Care Network Data Breach Lawsuit
• Cedars-Sinai Medical Center Sued for Website Tracking Technology Privacy Violations
• Lawsuit Seeks Damages for GoodRx Users for Invasion of Privacy
• Banner Health Settles Alleged HIPAA Security Rule Violations for $1.25 Million
• FTC Issues First Financial Penalty for a Health Breach Notification Rule Violation
• San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit
• Katherine Shaw Bethea Hospital Proposes $380K Settlement to Resolve Data Breach Lawsuit
• Logan Health Proposes $4.3 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Mayo Clinic Settles Lawsuit Alleging Former Employee Viewed Nude Patient Images
• Rehoboth McKinley Christian Health Care Patients to Be Compensated Up to $4,000 for Data Breach
• Consolidated Class Action Lawsuit Filed Against Shields Health Care Group Over 2 Million-Record Data Breach
• Washington Attorney General Sues Plastic Surgery Provider for HIPAA Violations and Falsely Inflating Online Ratings
• CommonSpirit Health Facing Class Action Lawsuit over Ransomware Attack and Data Breach
• Fertility Centers of Illinois Proposes $450,000 Settlement to Resolve Data Breach Lawsuit
• Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit
• Judge Denies Injunction Banning Meta from Collecting Patient Data via Meta Pixel Code
• Lawsuit Seeking Property Insurance Cover for Ransomware Attack Fails
• Class Action Data Breach Lawsuit Settled by Morley Companies
• Nurse Sentenced to 37 Months in Jail for Tampering with and Stealing Medications
• Sturdy Memorial Hospital & North Shore Pain Management Settle Data Breach Lawsuits
• $295,000 Settlement Proposed by Conway Regional Medical Center to Resolve Data Breach Lawsuit
• FTC and HHS Update Online Compliance Tool for Mobile Health App Developers
• New York Ambulance Service Facing Multiple Class Action Lawsuits over Ransomware Attack
• San Juan Regional Medical Center Settles Data Breach Lawsuit
• HHS, SAMHSA Propose Update to Improve Alignment of HIPAA Privacy Rule and 42 CFR Part 2
• 10 Charged Over BEC Scams Targeting Medicare, Medicaid, and Private Insurance Programs
• Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit
• Former Pennsylvania Medical Assistant Charged with Stealing Patient Information for Personal Gain
• Pennsylvania Updates Data Breach Notification Law
• Five Former Tennessee Hospital Employees Charged with Criminal HIPAA Violations
• New York Provider of Administrative Anesthesiology Services Facing Multiple Class Action Data Breach Lawsuits
• Lurie Children’s Hospital Proposes Settlement to End Insider Breach Lawsuit
• Lawsuits Filed Against OakBend Medical Center and Keystone Health Over Data Breaches
• Advocate Aurora Health and WakeMed Sued Over Meta Pixel Privacy Breaches
• Georgia Home Health Company Settles Phishing Investigation and Pays $425,000 Penalty
• California Appellate Court Confirms Trial Court’s Decision to Toss Class Action Insider Breach Lawsuit
• RIPTA, UnitedHealthcare of New England Sued Over 2021 Data Breach
• Pharma Sales Rep Pleads Guilty to Healthcare Fraud and Criminal HIPAA Violations
• United Health Centers of the San Joaquin Valley Proposes Settlement to Resolve Data Breach Lawsuit
• Doctor Pleads Guilty to Criminal Violations of HIPAA for Providing PHI to Pharma Sales Rep
• Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail
• Mon Health Faces Class Action Lawsuit Over 493K Record Data Breach
• LifeBridge Health Agrees to $9.5 Million Settlement to Resolve 2016 Data Breach Claims
• Magellan Health Settles Class Action Data Breach Lawsuit for $1.43 Million
• 3 Dental Practices Fined for HIPAA Right of Access Violations
• Bricker & Eckler Agrees to Settle Class Action Data Breach Lawsuit for $1.95M
• Ambry Genetics Settles Class Action Data Breach Lawsuit for $12.25 Million
• The Urology Center of Colorado Agrees to Settle Class Action Data Breach Lawsuit
• Lamoille Health Partners Facing Class Action Lawsuit Over 58K-Record Data Breach
• House Democrats Seek Answers from Meta on its Data Sharing Policies
• California Legislature Passes Bill Prohibiting the Sharing of Information About Abortions
• FTC Sues Kochava Over Unlawful Collection and Sale of Sensitive Geolocation Data
• Avamere Holdings Facing Class Action Lawsuit Over 2022 Cyberattack
• Humana & Cotiviti Settle Class Action Data Breach Lawsuit
• Digital Marketing and Analytics Company Files Lawsuit Against FTC Over Alleged Privacy Violations
• Florida Orthopaedic Institute Proposes $4 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Novant Health Notifies 1.36 Million Patients About Unauthorized Disclosure of PHI via Meta Pixel Code on Patient Portal
• Salinas Valley Memorial Healthcare Settles Email Data Breach Lawsuit for $340K
• Dental Care Alliance Settles Class Action Data Breach Lawsuit for $3 Million
• Meta Facing Further Class Action Lawsuit Over Use of Meta Pixel Code on Hospital Websites
• Department of Justice Announces Seizure of $500,000 in Ransom Payments Made by U.S. Healthcare Providers
• The Methodist Hospitals, Inc. Settles Class Action Data Breach Lawsuit for $425,000
• BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack
• Tenet Healthcare Sued Over Data Breach; San Francisco Settles Data Breach Lawsuit
• Health Aid of Ohio Settles Class Action Data Breach Lawsuit
• Multiple Class Action Lawsuits Filed Against MCG Health Over Data Breach
• University of Pittsburgh Medical Center Settles Data Breach Lawsuit for $450,000
• Meta Sued over the Scraping of Patient Data from Hospital Websites
• Bill Seeks to Ban Data Brokers from Selling Health and Location Data
• San Diego Family Care Agrees to $1 Million Settlement to Resolve Class Action Data Breach Lawsuit
• Class Action Lawsuit Filed Against Shields Health Care Group Over 2 Million-Record Data Breach
• Injured Workers Pharmacy Faces Class Action Lawsuit over Email Account Breach
• New York Judge Dismisses Class Action PACS Data Breach Lawsuit for Lack of Standing
• Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval
• Update to Indiana Data Breach Notification Law Shortens Timeline for Notifications
• Class Action Lawsuits Filed Against Partnership Health Plan & Oregon Anesthesiology Group over Ransomware Attacks
• Solara Medical Supplies Proposes $5 Million Settlement to Resolve Class Action Data Breach Lawsuit
• SuperCare Health Sued Over 318,000-Record Data Breach
• Increase in Class Action Lawsuits Following Healthcare Data Incidents
• OCR Seeks Comment on Recognized Security Practices and the Sharing of HIPAA Settlements
• 15-Month Jail Term for Woman Who Stole Over $200,000 Using Patient Data
• Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data
• DOJ Settles Civil Cyber Fraud Initiative Case with CHS and Imposes a $930,000 Penalty
• Logan Health Facing Class Action Lawsuit Over Data Breach
• Sea Mar Community Health Centers Facing Class Action Lawsuit over 688,000-Record Data Breach
• CaptureRx Proposes $4.75 Million Settlement to End Data Breach Litigation
• Inmediata Agrees to Settle Class Action Lawsuit for $1.125 Million
• Federal Court Recommends Dismissal of PracticeFirst Data Breach Lawsuit
• RI Attorney General Subpoenas RIPTA and UnitedHealthcare Over 22,000-Record Data Breach
• Memorial Health System Faces Class Action Lawsuit Over August 2021 Cyberattack
• Settlement Reached in Excellus Class Action Data Breach Lawsuit
• New York Fines EyeMed $600,000 for 2.1 Million-Record Data Breach
• Mass General Brigham Settles ‘Cookies Without Consent’ Lawsuit for $18.4 Million
• Accellion Proposes $8.1 Million Settlement to Resolve Class Action FTA Data Breach Lawsuit
• EHR Vendor Facing Class Action Lawsuit Over 320,000-Record Data Breach
• BioPlus Specialty Pharmacy Services Faces Class Action Lawsuit Over Data Breach
• Rhode Island Public Transit Authority Data Breach to be Investigated by State Attorney General
• Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty
• Accountancy Firm Facing Class Action Lawsuit Alleging Negligence and Breach Notification Failures
• New Jersey Fines Hackensack Healthcare Providers for PHI Breach and HIPAA Violations
• Planned Parenthood Los Angeles Facing Class Action Lawsuit Over October 2021 Ransomware Attack
• Medical Biller Faces Decades in Jail for Healthcare Fraud, Identity Theft, and Tax Offenses
• New Mexico Hospital Hit with Class Action Lawsuit over 2020 Data Breach
• Patient Sues Eskenazi Health Over Ransomware Attack After Misuse of Her Data
• Quest Diagnostics and Subsidiary Face Class Action Lawsuit Over Ransomware Attack
• HHS’ Office for Civil Rights Imposes Further 5 Financial Penalties for HIPAA Right of Access Violations
• Class Certification Order Lifted in Data Breach Lawsuit Against West Virginia University Health System
• DOJ Indicts 2 REvil Ransomware Gang Members: State Department Now Offering $10 Million Reward for Information
• Federal Judge Rules in Favor of UMMC in Legal Battle Over Theft of Patient Data
• UPMC Hacker Who Stole PII of 65,000 Employees Gets Maximum 7-Year Sentence
• New Jersey Infertility Clinic Settles Data Breach Investigation with State and Pays $495,000 Penalty
• Ransom Disclosure Act Requires Disclosure of Payments to Ransomware Gangs Within 48 Hours
• Elekta Faces Class Action Lawsuit over Ransomware Attack and Data Breach
• Lawsuit Alleges Ransomware Attack Resulted in Hospital Baby Death
• Healthcare Workers in Minnesota File Lawsuit Against Employers to Block Vaccine Mandate
• Class Action Lawsuits Filed Against San Diego Health Over Phishing Attack
• Healthcare Organizations Face Legal and Technological Challenges Achieving CCPA Compliance
• Class Action Lawsuit Filed Against St. Joseph’s/Candler over Ransomware Attack Affecting 1.4 Million Patients
• Patients Sue DuPage Medical Group over July 2021 Ransomware Attack
• OCR Announces 20th Financial Penalty Under HIPAA Right of Access Enforcement Initiative
• California DOJ Must Be Notified About Breaches of the Health Data of 500 or More California Residents
• 30 Month Jail Term for Texas Woman Who Stole and Sold Patients’ PHI
• Overlake Hospital Medical Center Proposes Settlement to Resolve Data Breach Case
• CaptureRx Facing Multiple Class Action Lawsuits Over Ransomware Attack Involving PHI of 2.4 Million Patients
• Former Scripps Health Worker Charged Over HIPAA Violation in COVID-19 Unemployment Benefit Fraud Case
• UPMC Settles Employee Data Breach Lawsuit for $2.65 Million
• Cyber Incident Notification Act of 2021 Introduced in the Senate
• Ohio Personal Privacy Act Introduced to Improve Privacy Protections for Ohioans
• Colorado Privacy Act Passed and Signed into Law
• Radiology Specialists Facing Class Action Lawsuit Over PACS Data Breach
• Texas Man Sentenced to 48 Months for Fraud Scheme Involving Theft of Electronic Health Records
• Kroger Proposes $5 Million Settlement to Resolve Data Breach Lawsuits
• Federal Judge Allows Blackbaud Consolidated Class Action Data Breach Lawsuit to Proceed
• Healthcare Workers File Lawsuit Alleging Amazon Alexa Devices Violated HIPAA
• BJC HealthCare Email Data Breach Lawsuit Survives Motions to Dismiss
• Dominion National Proposes $2 Million Settlement to Resolve Class Action Data Breach Lawsuit
• No Private Cause of Action Under HIPAA, but Possible Cause of Action for 14th Amendment Violation
• Former Mayo Clinic Doctor Charged Over Improper Medical Record Access
• Former Cedar Rapids Hospital Employee Who Weaponized Ex-Boyfriend’s PHI Sentenced to Probation
• Scripps Health Facing Multiple Class Action Lawsuits over Ransomware Attack
• Connecticut Legislature Enhances Data Breach Notification Law
• Houston Hospital Workers’ Lawsuit over Vaccine Mandate Dismissed by Federal Judge
• IT Security Company COO Charged with Cyberattack on Georgia Medical Center
• Texas Legislature Passes Bill Calling for State AG to Establish Data Breach ‘Wall of Shame’
• Humana and Cotiviti Facing Class Action Lawsuit over 63,000-Record Data Breach
• Settlement to Resolve Nebraska Medicine Data Breach Lawsuit Receives Preliminary Approval
• NIST Publishes Guidance for First Responders on the Use of Biometric Authentication for Mobile Devices
• Michigan Man Pleads Guilty to Theft and Sale of PII of UPMC Employees
• UHS Data Breach Lawsuit Allowed to Proceed but only for Patient Whose Surgery was Cancelled
• Pennsylvania Department of Health and Insight Global Sued over 72,000-Record Data Breach
• Einstein Healthcare Network Facing Class Action Lawsuit over 2020 Phishing Attack
• NSA/CISA/FBI: Patch Now to Stop Russian Government Hackers Exploiting These 5 Vulnerabilities
• Adventist Health Physicians Network Fined $40,000 for Privacy Breach
• Roper St. Francis Healthcare Faces Class Action Lawsuit Over Data Breach
• SalusCare Takes Legal Action Against Amazon to Obtain AWS Audit Logs to Investigate Data Breach
• Hospice CEO Pleads Guilty to Falsifying Healthcare Claims and Inappropriate Medical Record Access
• UPMC and Charles Hilton and Associates Facing Class Action Lawsuit Over 36,000-Record Breach
• Verkada Surveillance Camera Hacker Indicted on Multiple Counts of Conspiracy, Wire Fraud and Aggravated Identity Theft
• More Health Insurers Confirmed as Victims of Accellion Ransomware Attack and Multiple Lawsuits Filed
• NY Nurse Pleads Guilty to Tampering with a Consumer Product in HIPAA Case
• Multistate Settlement Resolves 2019 American Medical Collection Agency Data Breach Investigation
• FTC Urged to Enforce Breach Notification Rule When Fertility Tracking Apps Share User Data Without Consent
• Arizona High Court Revives Privacy Lawsuit Stemming from Pharmacy ED Medication Disclosure
• Virginia Consumer Data Protection Act Signed into Law
• Whistleblower Who Falsely Claimed Nurse Violated HIPAA Jailed for 6 Months
• Wilmington Surgical Associates Facing Class Action Lawsuit Over Netwalker Ransomware Attack
• 21st Century Oncology Data Breach Settlement Receives Preliminary Approval
• Class Action Lawsuit Filed Against US Fertility Over September 2020 Ransomware Attack
• Hospital Researchers Jailed for Stealing and Selling Research Data to China
• Brandywine Urology Consultants Data Breach Lawsuit Dismissed Due to Lack of Harm
• Public Health Emergency Privacy Act Introduced to Ensure Privacy and Security of COVID-19 Data
• Fertility App Provider Sued for Sharing User Data with Chinese Firms Without Consent
• Rady Children’s Hospital Facing Class Action Lawsuit over Blackbaud Ransomware Attack
• MD Anderson Cancer Center Has $4.3 Million OCR HIPAA Fine Overturned on Appeal
• FTC Settles 2019 Consumer Data Breach Case with SkyMed
• Seasonal Worker Sentenced to 42 Months Imprisonment for Stealing Data from Healthcare.Gov Database
• Kalispell Regional Healthcare Proposes 4.2 Million Settlement to Resolve Data Breach Lawsuit
• Mayo Clinic Faces Multiple Lawsuits over Insider Privacy Breach
• Zoll Sues IT Vendor for 277,000-Record Server Migration Data Breach
• $350,000 Settlement Reached to Resolve Saint Francis Healthcare Data Breach Lawsuit
• Georgia Man Pleads Guilty to Attempting to Frame a Former Acquaintance for Violating HIPAA Rules
• Anthem Inc. Settles State Attorneys General Data Breach Investigations and Pays $48.2 Million in Penalties
• Slew of Lawsuits Filed Over Recent Healthcare Data Breaches
• Business Associate Fined $2.3 Million for Breach of 6 Million Records and Multiple HIPAA Failures
• Member of The Dark Overlord Hacking Group Sentenced to 5 Years in Jail
• Express Scripts HIPAA-Based Lawsuit Dismissed by Court of Appeals
• HealthAlliance Hospital and Ciox Health Facing Class Action Medical Records Lawsuit
• Privacy Lawsuit Against UChicago and Google Dismissed by Federal Judge
• Konica Minolta Settles EHR False Claims Case for $500,000
• Federal Judge Dismisses Heritage Valley Health System NotPetya Lawsuit Against Nuance Communications
• Ransomware Data Breach Lawsuit Against Sarrell Regional Dental Center Tossed by Federal Judge
• Two Chinese Nationals Indicted for 10-Year Hacking Campaign on U.S. Organizations and Government Agencies
• States Start to Make Temporary COVID-19 Telehealth Changes Permanent
• Florida Orthopaedic Institute Facing Class Action Lawsuit Over Ransomware Attack
• The California Consumer Privacy Act is Now Being Enforced
• $185,000 Settlement Proposed to Resolve Grays Harbor Community Hospital Ransomware Lawsuit
• UnityPoint Health Proposes $2.8 Million+ Settlement to Resolve Class Action Data Breach Lawsuit
• NY District Court Kicks Data Breach Lawsuit Against Episcopal Health Services Back to State Court
• Hacker Arrested and Charged Over 2014 UPMC Cyberattack
• Senate HELP Committee Considers Permanent Changes to Telehealth Policies
• New York Accounting Firm Facing Class Action Lawsuit Over Maze Ransomware Attack
• Bipartisan Bill Introduced to Protect Privacy of COVID-19 Contact Tracing and Exposure Notification Apps
• Aveanna Healthcare Facing Class Action Lawsuit Over 2019 Phishing Attack
• New Washington D.C. Data Breach Notification Law Takes Effect
• Indiana Court of Appeals Reinstates Respondeat Superior Claim in HIPAA Breach Lawsuit
• Legal Action Taken Against Lurie Children’s Hospital of Chicago Over Two Recent Data Breaches
• Shareholder Sues LabCorp to Recover Losses Caused by Data Breaches
• $8.9 Million Banner Health Data Breach Settlement Gets Final Approval
• Tandem Diabetes Care Facing Class Action Lawsuit over January 2020 Phishing Attack
• Court Rules McHenry County Health Department Must Disclose COVID-19 Patients’ Names to 911 Dispatchers
• $1 Million Settlement Agreed to Resolve American HomePatient Data Breach Lawsuit
• Law Firm Files Class Action Lawsuit After Being Charged Excessive Fees for Copy of Patient’s Medical Records
• Quest Diagnostics 2016 Data Breach Settlement Receives Final Approval
• UW Medicine Faces Class Action Lawsuit Over 974,000-Record Data Breach
• Criminal HIPAA Violation Case Sees Healthcare Worker Arraigned on 430 Counts
• Hackensack Meridian Health Faces Class-Action Lawsuit Over December Ransomware Attack
• Florida Clinic Worker Facing 22 Years in Jail for Wire Fraud and Aggravated Identity Theft
• Georgia Man Charged Over False Allegations of HIPAA Violations
• Second Lawsuit Filed Against Kalispell Regional Healthcare Over Phishing Attack
• Georgia Supreme Court Overturns Ruling on Athens Orthopedic Clinic Data Breach Lawsuit
• Lawsuit Filed Against DCH Health System Over October Ransomware Attack
• Banner Health Agrees to Pay $6 Million to Settle Data Breach Lawsuit
• Kalispell Regional Healthcare Sued Over 130,000-Record Data Breach
• Solara Medical Supplies Sued Over 114,000-Record Data Breach
• Quest Diagnostics $195,000 Class Action Settlement Approved by Federal Judge
• California Amends CCPA and Expands Definition of Personal Information Warranting Data Breach Notifications
• New Data Breach Notification Requirements in Maryland for Health Insurers
• UCMC and Google File Motions to Dismiss HIPAA Privacy Lawsuit
• Georgia Court of Appeals to Decide Whether Athens Orthopedic Data Breach Victims Are Entitled to Damages
• MU Health Patients Take Legal Action Over May 2019 Phishing Attack
• Allscripts Proposes $145 Million Settlement to Resolve DOJ HIPAA and HITECH Act Case
• UnityPoint Health Data Breach Lawsuit Partially Dismissed by Federal Judge
• Judge Approves $74 Million Premera Blue Cross Data Breach Settlement
• New York Governor Signs SHIELD Act into Law
• Equifax Agrees to Pay up to $700 Million to Settle Data Breach Case
• Idaho Hospitals Must Now Comply with New Idaho Patient Rights Rules
• Premera Blue Cross Settles Multi-State Action for $10 Million
• Student Sues Hospital for Unauthorized Use of PHI as Teaching Tool
• UChicago Accused of Illegally Sharing Patient Data with Google
• Patient Care Coordinator Gets 1 Year Jail Term for HIPAA Violation
• AMCA Parent Company Files for Chapter 11 Protection
• Alabama Jury Awards Woman $300,000 Damages over HIPAA Breach
• AMCA Breach Sparks Flurry of Lawsuits and Investigations
• Oregon Updates Data Breach Notification Law to Include Vendors of Covered Entities
• Coffey Health System Agrees to $250,000 Settlement to Resolve Alleged Violations of False Claims and HITECH Acts
• Vermont Supreme Court Ruled Patient Can Sue Hospital and Employee for Privacy Violation
• $74 Million Settlement Proposed to Resolve Premera Blue Cross Class Action Lawsuit
• HHS Confirms When HIPAA Fines Can be Issued to Business Associates
• Lawsuit Alleges Hospital Worker Disclosed Information about Woman’s Sexual Assault to her Attacker
• Alleged Anthem Hackers Indicted Over 2015 Cyberattack Involving the Theft of 78.8 Million Records
• Arizona Court of Appeals Rules Patient Can Proceed with Negligence Claim Based on HIPAA Violation
• Class Action Lawsuit Filed Over Baystate Health Phishing Attack
• New Washington Breach Notification Law Unanimously Passed by Legislature
• HHS’ ONC Releases Second Draft of Trusted Exchange Framework and Common Agreement
• Washington State University Settles Class Action Data Breach Lawsuit for $4.7 Million
• Lawsuit Alleges Sharp Grossmont Hospital Secretly Recorded Patients Having Gynecology Operations
• National Board of Examiners in Optometry Agrees to Settle 2016 Data Breach Lawsuit for $3.25 Million
• Class Action Lawsuit Filed Over UConn Health Phishing Attack
• D.C. Attorney General Proposes Tougher Breach Notification Laws
• UCLA Health Settles Class Action Data Breach Lawsuit for $7.5 Million
• Northwestern Medicine Sued Over Medical Information Disclosure on Twitter
• Lawmakers Propose Florida Biometric Information Privacy Act
• Former Patient Care Coordinator Pleads Guilty to Disclosing Patients’ PHI with Intent to Cause Harm
• New Jersey Expands Definition of Personal Information Requiring Breach Notifications
• New Cybersecurity Requirements for Ohio Health Insurers
• California Bill Seeks to Expand State Data Breach Notification Law
• Maryland Considers Tougher Penalties for Ransomware Attacks
• OCR Settles Cottage Health HIPAA Violation Case for $3 Million
• Settlement Reached in Community Health Systems 4.5 Million-Record Data Breach Case
• Legal Action Over Illinois Biometric Information Privacy Act Violations Possible Without Actual Harm
• Aetna Settles HIV Status Breach Case with California AG for $935,000
• Oregon Health Information Property Act Proposes Paying Patients to Share Their Healthcare Data
• State AG Proposes Tougher Data Breach Notification Laws in North Carolina
• Physician Receives Probation for Criminal HIPAA Violation
• New Massachusetts Data Breach Notification Law Enacted
• 10 Year Jail Term for Boston Children’s Hospital Hacker
• Flowers Hospital Data Breach Settlement Approved by Judge
• LifeBridge Health Sued for 18-Month Malware That Allowed Theft of 530,000 Patients’ PHI
• $853,000 Awarded to Patient Whose PHI Was Impermissibly Disclosed to Former Boyfriend
• Massachusetts Attorney General Issues $75,000 HIPAA Violation Fine to McLean Hospital
• Failure to Terminate Former Employee’s PHI Access Costs Colorado Hospital $111,400
• EmblemHealth Pays $100,000 HIPAA Violation Penalty to New Jersey for 2016 Data Breach
• 12 State Attorneys General File HIPAA Breach Lawsuit Against Medical Informatics Engineering
• DOJ Indicts Two Iranian Hackers for Role in SamSam Ransomware Attacks
• UPMC Data Breach Lawsuit Reinstated by Pennsylvania Supreme Court
• Former Chilton Medical Center IT Worker Gets 5 Years’ Probation for Theft of Equipment Containing ePHI
• Virginia Superior Court Partially Reverses Lower Court Decision in Employee Snooping Case
• $200,000 Settlement Agreed with Business Associate Behind Virtua Medical Data Breach
• $16 Million Anthem HIPAA Breach Settlement Takes OCR HIPAA Penalties Past $100 Million Mark
• California HIV Patient PHI Breach Lawsuit Allowed to Move Forward
• Massachusetts Gynecologist Spared Jail Time for Criminal HIPAA Violation
• $999,000 in HIPAA Penalties for Three Hospitals for Boston Med HIPAA Violations
• NY Attorney General Fines Arc of Erie County $200,000 for Security Breach
• Couple Sues McAlester Hospital Over Alleged Snooping and Impermissible Disclosure
• Court Approves Anthem $115 Million Data Breach Settlement
• Hacktivist Convicted for DDoS Attack on Children’s Mercy Hospital
• Flowers Hospital Proposes $150,000 Settlement for 2014 Data Breach
• Children’s Mercy Hospital Sued for 63,000-Record Data Breach
• Federal Court Rules in Favor of Main Line Health in Age Discrimination Case Over HIPAA Violation
• District Court Ruling Confirms No Private Cause of Action in HIPAA
• 270,000 Patients Potentially Affected by Med Associates Hacking Incident
• 3-Year Jail Term for VA Employee Who Stole Patient Data
• Lawsuits Filed Over Alleged HIPAA Violations
• Colorado Governor Signs Data Protection Bill into Law
• Aetna Files Further Lawsuit in an Attempt to Recover Costs from 2017 HIV Status Privacy Breach
• Jury Must Decide Whether Psychiatrist was Sacked for a HIPAA Violation
• South Carolina Insurance Data Security Act Signed into Law
• Lincare Settles W-2 Phishing Scam Lawsuit for $875,000
• Class Action Lawsuit Claims UnityPoint Health Mislead Patients over Severity of Phishing Attack
• Massachusetts Physician Convicted for Criminal HIPAA Violation
• Former Berkeley Medical Center Worker Gets 5 Years’ Probation for Identity Theft
• 2 to 6 Year Jail Term for Receptionist Who Stole PHI from Dentist Office
• HHS Files Motion to Dismiss Ciox Health Lawsuit
• Oregon Data Breach Notification and Information Security Laws Updated
• Virtua Medical Group Fined $418,000 for Violations of HIPAA and New Jersey Law
• Alabama Governor Enacts Data Breach Notification Act
• South Dakota Enacts Data Breach Notification Law as Congress Considers Federal Breach Notice Bill
• Class Action Lawsuit Seeks Damages for Victims of CVS Caremark Data Breach
• EmblemHealth Fined $575,000 by NY Attorney General for HIPAA Breach
• 1,900 UVA Patients’ PHI Accessed by Hacker Behind FruitFly Malware
• Updated Colorado Data Breach Notification Advances: Reporting Period Cut to 30 Days
• Aetna Seeks At Least $20 Million in Damages from Firm Responsible for HIV Status Data Breach
• Nebraska Personal Information Bill Advances After 34-0 First Round Vote
• Lawsuit Over HIPAA Breach by Mail Service Survives Motion to Dismiss
• Breach Notification Bill Passes South Dakota Senate Judiciary Committee
• New Bill Proposes to Amend Iowa Breach Notification Act
• Aetna Agrees to Pay $1.15 Million Settlement to Resolve NY Attorney General Data Breach Case
• Kansas Attorney General Fines Healthcare Provider for Failing to Protect Patient Records
• Colorado Considers New Privacy and Data Breach Legislation
• Aetna Settles Class Action Lawsuit Filed by Victims of HIV Status Data Breach
• HHS Sued by CIOX Health Over Unlawful HIPAA Regulations
• Patients in Connecticut Can Now Sue Healthcare Providers for Privacy Violations
• Medicaid Billing Company Settles Data Breach Case with Mass. Attorney General for $100,000
• $2.3 Million 21st Century Oncology HIPAA Settlement Agreed with OCR
• Data Security and Breach Notification Act Introduced in Senate
• Lawsuits Filed for Alleged HIPAA and HITECH Act Violations
• 3 Year Jail Term for UK Man Linked to The Dark Overlord Hacking Group
• 5 Year Jail Term Upheld for Clinic Worker Who Stole PHI
• Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) Introduced by NY AG
• Employees Sue Lincare Over W2 Phishing Attack
• Termination for Nurse HIPAA Violation Upheld by Court
• Former Nurse Convicted of Theft of Patient Information and Tax Fraud
• Vermont Attorney General Agrees $264,000 SAManage USA Data Breach Settlement
• New York Hospital Sued for Disclosing Patient’s HIV Status to Employer
• CareFirst Data Breach Lawsuit May be Heading to the Supreme Court
• Healthcare Industry Tops List for Class Action Data Breach Lawsuits
• Lawsuit Filed Against Aetna for Disclosure of HIV Status of Patients
• Credit Monitoring Services Must Now Be Offered to Breach Victims in Delaware
• $5.5 Million Data Breach Settlement Highlights the Importance of Prompt Patching
• U.S. Senate Passes Jessie’s Law to Help Prevent Drug Overdoses
• Maryland Data Breach Notification Law Updated
• CareFirst Can Be Sued for Breach, Rules Court of Appeals
• Massive Healthcare Fraud Takedown Sees 412 Charged for $1.3 Billion in Fraudulent Billings
• Indiana Senate Passes New Law on Abandoned Medical Records
• Pair Charged with Identity Theft in Relation to WVU Medicine Breach
• World’s Largest Data Breach Settlement Agreed by Anthem
• Delayed Breach Notification Sees CoPilot Fined $130,000 by NY AG
• MDLive Privacy Lawsuit Voluntarily Dismissed
• Memorial Hermann Health System Hit with $2.4 Million HIPAA Fine
• MDLive Faces Class Action Lawsuit Over Alleged Patient Privacy Violations
• Wireless Health Services Provider Settles HIPAA Violations with OCR for $2.5 Million
• $400,000 HIPAA Penalty Agreed with Denver FQHC for Security Management Process Failures
• Flowers Hospital Data Breach Lawsuit Awarded Class-Action Status
• Court of Appeals Rules Horizon BCBS Class Action Has Standing Without Evidence of ID Theft
• Hospital Employee Jailed for Credit Card Theft
• 21st Century Cures Bill Sails Through Senate
• 21st Century Cures Act Unanimously Passed by House
• HIPAA Breach Class-Action Dismissed for Lack of Evidence of Harm
• Vindell Washington: HIPAA Not a Barrier to the Sharing of ePHI
• Banner Health Class-Action Claims 12 Months ID Theft Protection is Insufficient Reparation
• CareFirst Inc. Data Breach Lawsuit Dismissed for Lack of Standing
• House Passes Mental Health Reform Bill (Without the HIPAA Changes)
• Philadelphia Business Associate Agrees to $650,000 OCR Settlement
• Criminal HIPAA Case: Conviction for Respiratory Therapist
• Nurse Charged with Bank Fraud: HIPAA Breach Trial for Respiratory Therapist
• Anthem Data Breach Lawsuit Heading for Trial
• Class-Action Lawsuit Filed Against Sharp Grossmont Hospital for Video Privacy Breach
• ACLU Claims Myriad Genetics Violated HIPAA Rules by Withholding Genetic Data
• Engineer Indicted on Charges of Trade Secret Theft from Medical Device Companies
• Illinois Data Breach Notification Law Updated
• Data Breach Class-Action Lawsuit Denied by Penn. Superior Court
• Chicago Hospital Council Files Lawsuit to Prevent Deletion of Patient Data
• New York Hospital Fined $2.2 Million for Unauthorized Filming of Patients
• Raleigh Orthopaedic Clinic Settles for 750K for Lack of BAA
• Lawsuit Filed Against Facebook and Cancer Sites for Alleged HIPAA Violation
• California Ransomware Bill Passed by State Senate Committee
• Federal Court Rules Data Breach Covered by CGL Insurance Policy
• Anthem’s Request to Access Breach Victims’ Computers Denied
• 21st Century Oncology Patients Seek Damages After PHI Exposure
• Healthcare Cyberattack Suspect Arrested After Being Rescued at Sea
• Physical Therapy Provider Agrees to 25K HIPAA Violation Settlement
• Cybersecurity Companies Be Found Liable for Healthcare Data Breaches
• Lincare Inc to Pay $239,800 CMP for HIPAA Violation
• Prime Healthcare Services Hit with Privacy Breach Lawsuit
• Survey Indicates Law Firms are not Complying with HIPAA Rules
• Snapchat Video Posting Gets Nursing Assistant Fired
• New Oregon Breach Notification Law Comes Into Effect
• Exposure of PHI Grounds to Sue for Damages, Rules Mass. Judge
• California Patient Privacy Law Enforcement is Inconsistent
• Pittsburgh Woman Arrested for $600K Medical Insurance Fraud
• HIPAA Privacy Complaint Results in Federal Criminal Prosecution for First Time