In the wake of the national opioid overdose crisis, the Office for Civil Rights (OCR) has provided clarification on when covered entities are permitted to disclose patient information during opioid emergencies....more
The Maryland Personal Information Protection Act has been updated and the new provisions are effective January 1, 2018.
The new law expands the definition of personal information that is protected under the statute....more
US-CERT Warns of New Ransomware: Bad Rabbit -
The U.S. Computer Emergency Readiness Team (US-CERT) is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated it has received multiple...more
11/3/2017
/ Airspace ,
Biometric Information ,
Centers for Medicare & Medicaid Services (CMS) ,
Children's Health Insurance Program (CHIP) ,
Class Action ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Department of Transportation (DOT) ,
Drones ,
Federal Aviation Administration (FAA) ,
Federal Pilot Programs ,
Fingerprints ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hilton ,
Hospitality Industry ,
Hotels ,
Hyatt ,
Information Technology ,
Internet of Things ,
LG Electronics ,
Malware ,
Medicare Access and CHIP Reauthorization (MACRA) ,
MIPS ,
NASA ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Unmanned Aircraft Systems ,
US-CERT
Paper records continue to be problematic. An Illinois psychiatrist reported to the Office for Civil Rights (OCR) that the medical records of 10,500 patients were stored in the basement of a house that he rented to an...more
Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS -
The FBI and Department of Homeland Security issued a joint statement on October 20, 2017 warning of an increased danger of a...more
10/27/2017
/ Affordable Care Act ,
Airspace ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyberbullying ,
Cybersecurity ,
Data Protection ,
Department of Homeland Security (DHS) ,
Drones ,
Electricity ,
Electronic Medical Records ,
Energy Sector ,
FBI ,
Federal Aviation Administration (FAA) ,
FERC ,
Hackers ,
Health Care Providers ,
Health Insurance ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Internet ,
Medical Records ,
Nonprofits ,
OCR ,
Open Enrollment ,
Personally Identifiable Information ,
PHI ,
Popular ,
Power Grid ,
TCPA ,
Technology Sector ,
Utilities Sector
Unfortunately, September was another banner month for data breaches involving the health care industry. According to the Office for Civil Rights (OCR) website, 39 data breaches involving over 500 records were reported to the...more
10/26/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware
Fax machines are still used in the medical community, and these days, faxing may be more secure than emailing as hackers have not yet cracked the task of hacking into old fax machines. All kidding aside, fax machines have...more
Arkansas Oral & Facial Surgery Center (AOFSC) was recently hit with ransomware that shut down access to health information of its patients and rendered some of it imaging files, including X-rays of patient inaccessible....more
In its cyber security incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care sector as having suffered the most security incidents, which surpasses the public...more
10/9/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Malware ,
Personally Identifiable Information ,
PHI ,
Ransomware
McAfee Report Lists Health Care Sector as Most Targeted Industry for Cyber-Attacks -
In its cybersecurity incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care...more
10/5/2017
/ Airspace ,
BSA/AML ,
Class Action ,
Corruption ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Department of the Interior ,
Drones ,
Fast-Food Industry ,
Federal Aviation Administration (FAA) ,
Financial Institutions ,
FinCEN ,
Franchises ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Home Depot ,
Malware ,
Money Laundering ,
Netflix ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Restaurant Industry ,
Unmanned Aircraft Systems ,
Venezuela ,
White Collar Crimes
As more and more state laws allow the use of marijuana for medical conditions, and dispensaries are opening to provide users with access to marijuana for medical purposes (and recreational use), patients are questioning and...more
The Office for Civil Rights (OCR) recently issued an “improved web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and learn how all...more
Baptist Medical Center South, located in Jacksonville, Florida has admitted that one of its backup drives has been missing since May 18, 2017. The unencrypted backup drive contained the protected health information of 531...more
Following the most recent ransomware attack, known as NotPetya, (among other nicknames), many health care entities were victims of the ransomware, which prompted the Office of the National Coordinator (ONC) to issue guidance...more
7/10/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
ONC ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
US-CERT
Numerous hospitals were victims to last week’s (aka NotPetya) ransomware attack. But one hospital—Princeton Community Hospital in West Virginia–has admitted that it is going to replace its entire computer network after Petya...more
A new study issued by Ponemon Institute, sponsored by IBM, reveals that healthcare data breaches still cost more than in other sectors.
The Ponemon Institute’s calculation is that the average healthcare data breach costs...more
Following the frequent and varied ransomware attacks on health care entities over the past few years, the Office for Civil Rights (OCR) published guidance last summer to the health care industry reminding it that a ransomware...more
7/3/2017
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management
Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more
The North Dakota Department of Human Services (NDDHS) is notifying 2,452 Medicaid recipients that their protected health information has been compromised when their records were discovered in a dumpster....more
Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more
Following the frequent and varied ransomware attacks on health care entities over the past few years, the Office for Civil Rights (OCR) published guidance last summer to the health care industry reminding it that a ransomware...more
The Arizona Department of Health Services (ADHS) has notified 2,500 patients that their personal and health information has been lost in the mail.
The affected patients were mothers and newborns enrolled in the newborn...more
The Office for Civil Rights (OCR) issued a press release today announcing that it has settled alleged HIPAA violations with Memorial Hermann Health System (MHHS) for $2.4 million. According to the Resolution Agreement it has...more
Bangor Health Center, a psychiatric practice located in Bangor, Maine, has notified 4,229 patients that a hacker from Moldova has accessed their psychiatric records, including names, addresses, Social Security numbers,...more
Touted as the first OCR settlement with a wireless health services provider, the OCR announced on April 24, 2017, that it has settled alleged HIPAA violations with CardioNet, based in Pennsylvania for $2.5 million....more