As Hurricane Florence was making landfall, Department of Health and Human Services Secretary Alex Azar issued HIPAA guidance that outlined when hospitals in declared state of emergency areas can qualify for a waiver of...more
In its July newsletter on cybersecurity, the Office for Civil Rights (OCR) released “Guidance on Disposing of Electronic Devices and Media,” which outlines the requirements health care providers and business associates have...more
8/16/2018
/ Data Breach ,
Data Management ,
Digital Media ,
Electronic Data Transmissions ,
Electronic Protected Health Information (ePHI) ,
Electronically Stored Information ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Mobile Device Management ,
OCR ,
PHI ,
Risk Management
Cisco Talos has discovered a new menace to iPhone users—a sophisticated malware campaign targeting iPhones to trick users into downloading an open-source Mobile Device Management (MDM) solution that gives the hackers control...more
7/23/2018
/ Baseball ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Drones ,
Electronic Medical Records ,
Event Tickets ,
Health Care Providers ,
iPhone ,
Malware ,
Medical Devices ,
Personally Identifiable Information ,
PHI ,
Popular
It is clear that the healthcare industry continues to be targeted with cyber-attacks. In 2018, the 10 largest health care breaches, outlined here, include unauthorized access to protected health information (PHI) through a...more
In response to the opioid crisis, the Substance Abuse and Mental Health Services Administration (SAMHSA) in collaboration with the Office of the National Coordinator (ONC) recently issued two fact sheets to provide clarity on...more
5/14/2018
/ Confidential Information ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Healthcare ,
Medical Records ,
Mental Health ,
ONC ,
Patient Privacy Rights ,
Regulatory Oversight ,
Regulatory Standards ,
SAMHSA ,
Substance Abuse
Data breaches continue to be an issue for healthcare providers when looking at breaches reported to the Office for Civil Rights (OCR), as required by HIPAA. In the first three months of 2018, there were 77 breaches of...more
Bezop Cryptocurrency Investors’ Personal Information Exposed -
Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB...more
5/4/2018
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Hospitality Industry ,
PHI ,
Smart Devices ,
Unmanned Aircraft Systems ,
Virtual Currency
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the health care industry, Symantec has reported that a new...more
“Orangeworm” Targeting Health Care Industry -
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the...more
4/27/2018
/ Blue Shield ,
Criminal Investigations ,
Cyber Attacks ,
Cyber Insurance ,
Data Breach ,
Digital Currency ,
Drones ,
Enforcement Actions ,
Extraterritoriality Rules ,
Hackers ,
Health Care Providers ,
Healthcare ,
Medical Devices ,
Personal Data ,
PHI ,
Risk Management ,
Scams ,
September 11th Victim Compensation Fund ,
SunTrust ,
Unmanned Aircraft Systems ,
US v Microsoft ,
Virtual Currency
The health care industry continues to get hammered by SamSam ransomware attacks, to the point that the Department of Health and Human Services Healthcare Cybersecurity and Communications Integration Center (HCCIC) has issued...more
The New Jersey Attorney General announced this week that it has fined Virtua Medical Group, which is comprised of more than 50 medical practices in New Jersey for failing to protect the privacy of 1,650 patients when their...more
The recently released Protenus Healthcare Breach Barometer report notes that in January, 2018, at least 473,807 patient records were compromised in 37 breaches reported to the Office for Civil Rights. ...more
3/19/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI
Verizon recently issued its Protected Health Information (PHI) Data Breach Report, which is always an interesting read. Not surprisingly, Verizon’s report concludes that based upon analysis of 1,360 security incidents...more
3/19/2018
/ Cyber Crimes ,
Dark Web ,
Data Breach ,
Electronic Medical Records ,
Health Care Providers ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
PHI ,
Popular ,
Ransomware ,
Risk Management ,
Verizon ,
Vulnerability Assessments
In the first settlement for HIPAA violations in 2018, Fresenius Medical Care North America (Fresenius) has agreed to pay $3.5 million to the Office for Civil Rights (OCR) to settle allegations against it relating to five data...more
2/12/2018
/ Corrective Actions ,
Data Breach ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management ,
Settlement Agreements
Cisco is warning customers using its Adaptive Security Appliance (ASA) software about a virtual private network (VPN) bug that could "allow an unauthenticated, remote attacker to cause a reload of the affected system or to...more
2/9/2018
/ CareFirst ,
Cisco ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Enforcement Actions ,
Health Care Providers ,
HIPAA Breach ,
LinkedIn ,
Popular ,
Privacy Settings ,
SCOTUS ,
Software ,
State and Local Government ,
State Data Breach Notification Statutes ,
Technology Sector ,
Unmanned Aircraft Systems ,
Virtual Private Networks ,
Vulnerability Assessments
Oklahoma State University Center for Health Sciences (OSUCHS) has notified 279,865 patients that their protected health information may have been compromised as a result of a hacking incident....more
Allscripts Healthcare Solutions Inc. notified its electronic medical record customers last week that a ransomware attack was behind the disruption of service for medical providers....more
2/2/2018
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
PHI ,
Popular ,
Ransomware
It has been predicted that the healthcare industry will continue to be lambasted with ransomware in 2018. It has also been predicted that attackers will move from taking sensitive information hostage to sabotage, service...more
1/22/2018
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Hospitals ,
Information Technology ,
Personally Identifiable Information ,
PHI ,
Ransomware
Health Care Organizations Saw an 89% Increase in Ransomware in 2017 -
Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the...more
1/16/2018
/ Customs and Border Protection ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Drones ,
Financial Industry Regulatory Authority (FINRA) ,
Hackers ,
Health Care Providers ,
HIPAA Audits ,
Initial Coin Offering (ICOs) ,
Malware ,
Mobile Devices ,
OCR ,
Personally Identifiable Information ,
Privacy Concerns ,
Ransomware ,
Transportation Industry
Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the number of hacking events targeted at health care entities involving...more
$64 Million in Bitcoin Stolen from NiceHash -
Many are lamenting not purchasing bitcoin now that its value has skyrocketed. Recently, Massachusetts Secretary of State William Galvin warned investors to stay away from...more
12/15/2017
/ Bitcoin ,
Canada ,
Cyber Crimes ,
Data Breach ,
Digital Currency ,
Drones ,
Financial Markets ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
OCR ,
Payment Processors ,
PayPal ,
Russia ,
Trading Platforms ,
Virtual Currency
In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more
Cottage Health, a three hospital health care system located in California has agreed to pay the California Attorney General’s Office $2 million to settle allegations that it failed to implement data security safeguards to...more
Intel has confirmed it has a bug in its remote server management tool. The tool, known as Management Engine, permits administrators of IT systems to access devices remotely to apply updates or troubleshoot problems for users....more
12/1/2017
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Federal Agency Taskforce ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Information Technology ,
Intel ,
PHI ,
Popular ,
Unmanned Aircraft Systems ,
Virtual Currency
The news about data breaches always seems to be dire lately. Some good news: data breaches in the healthcare industry were lower in October than in September, based upon reportable data breaches to the Office for Civil Rights...more
12/1/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI