The Office for Civil Rights (OCR) this week announced a settlement with Peachstate Health Management LLC (aka AEON Clinical Laboratories) following a compliance review that uncovered alleged violations of HIPAA....more
CYBERSECURITY -
GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System -
The United States Government Accountability Office (GAO) recently completed and published a study on electricity...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Email ,
FBI ,
GAO ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infrastructure ,
OCR ,
Personal Data ,
Personally Identifiable Information ,
Right of Access ,
Vulnerability Assessments ,
Wal-Mart
Continuing its serious march against covered entities not allowing patients access to their records, the Office for Civil Rights (OCR) has settled two more cases in two days in its Right of Access Initiative. This brings the...more
Some of those who are fortunate enough to have received the COVID-19 vaccine are so excited that they have been posting their vaccine card on social media accounts. ...more
CYBERSECURITY -
Free Ransomware Service Offered to U.S. Hospitals -
The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist...more
2/26/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Driverless Cars ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Right of Access ,
WhatsApp
CYBERSECURITY -
Health and Personal Information of N.C. Residents Posted Online by Ransomware Group -
Becker’s Health IT reports that two batches of sensitive information of Chatham County, N.C. residents have been posted...more
2/19/2021
/ Article III ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Injury-in-Fact ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Right of Access ,
Standing
The Office for Civil Rights (OCR) recently announced another settlement involving investigations under its Right of Access Initiative. This settlement, the sixteenth such agreement under the Initiative (and one of the most...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that it had entered into a Resolution Agreement, Corrective Action Plan, and settlement with Lifetime Healthcare, Inc., the...more
1/21/2021
/ Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI
CYBERSECURITY -
Greater Baltimore Medical Center Hit with Ransomware -
The Greater Baltimore Medical Center (GBMC) was hit with a ransomware attack over the weekend (December 5-6) that potentially delayed procedures planned...more
12/11/2020
/ Cybersecurity ,
Dark Web ,
Data Breach ,
Data Privacy ,
Driverless Cars ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
Phishing Scams ,
Popular ,
Ransomware ,
Spoofing
The Office for Civil Rights (OCR) issued a press release on November 12, 2020, announcing that it had settled its eleventh enforcement action in its HIPAA Right-of-Access Initiative. The settlement with Dr. Rajendra Bhayani,...more
The Office for Civil Rights (OCR) recently settled a tenth case under its right-to-access initiative with California-based Riverside Psychiatric Medical Group (RPMG), for $25,000....more
New Jersey Attorney General (AG) Gurbir S. Grewal announced on November 2, 2020, that his office has settled with ShopRite’s parent company, Wakefern Food Corp. (Wakefern) and two of its supermarket entities for $235,000 for...more
Continuing its enforcement priority of assisting patients with obtaining access to their health records, the Office for Civil Rights (OCR) recently settled its ninth case with a covered entity that it alleged failed to...more
On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more
10/16/2020
/ Cyber Attacks ,
Electronic Medical Records ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Popular ,
Settlement Agreements
Continuing with its previous enforcement actions centered on covered entities’ failure to provide patients with access to their health records, the Office for Civil Rights (OCR) announced on October 9, 2020 that it entered...more
Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more
10/16/2020
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
OCC ,
Personally Identifiable Information ,
PHI
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more
10/5/2020
/ Data Breach ,
Electronic Medical Records ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement Agreements
CYBERSECURITY -
VA Alerting 46,000 Veterans of Compromise -
The U.S. Department of Veterans Affairs Office of Management (VA) has announced that it is notifying approximately 46,000 veterans that their personal...more
9/18/2020
/ Cyber Insurance ,
Data Breach ,
Data Protection ,
Deep Fake ,
Department of Veterans Affairs ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
Right of Access ,
Social Media ,
Veterans
The Office for Civil Rights (OCR) announced yesterday that it has settled five investigations in its HIPAA Rights to Access Initiative (Initiative), which it announced would be an enforcement priority for it starting in 2019....more
Small health care organizations may think they are under the radar of the Office for Civil Rights (OCR), but a settlement the OCR agreed to last week should disabuse small health care providers of that notion....more
These days, news stations are frequently running stories concerning people being treated for COVID-19, the providers working tirelessly to care for them, and politicians visiting health care facilities for a first-hand look...more
Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis -
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk...more
4/6/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Microsoft ,
OCR ,
Popular ,
Telemarketing ,
Vulnerability Assessments
COVID-19 Vaccine Test Lab Hit by Maze Ransomware -
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, the ransomware recently...more
3/31/2020
/ California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Ransomware ,
Spam ,
Telecommuting ,
Telehealth
Acknowledging the “additional challenges” on health care providers following the outbreak of COVID-19, the Department of Health and Human Services (HHS) recently issued several waivers for covered entities to address the need...more
City of Durham, NC Hit With Ryuk Ransomware -
Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme. After falling...more
3/13/2020
/ California Consumer Privacy Act (CCPA) ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Municipalities ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Public Health ,
Ransomware