Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive...more
5/13/2022
/ Connecticut ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Information Governance ,
Information Technology ,
New Legislation ,
Personal Data ,
Regulatory Reform ,
State Privacy Laws
In general, both state and federal laws apply to health information or protected health information that is in the possession of hospitals, health systems, and medical providers.
HIPAA requires that covered entities...more
HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than...more
2/11/2022
/ Cyber Attacks ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Regulatory Requirements ,
Reporting Requirements
ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device Evaluation group, “the Top 10 Health Technology Hazards list identifies the potential sources of danger...more
1/20/2022
/ Annual Reports ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Health Care Providers ,
Health Information Technologies ,
Healthcare ,
Popular ,
Vulnerability Assessments
Threat intelligence firm Mandiant released findings about a new Russian based hacking group dubbed FIN12, which is targeting the health care industry and companies with revenue over $300 million. Mandiant said that FIN12 is...more
The Office for Civil Rights (OCR) announced on October 23, 2019, that Jackson Health System (“Jackson”), a not for profit hospital system comprised of six hospitals, urgent care centers, nursing facilities and primary care...more
10/24/2019
/ Data Breach ,
Electronic Medical Records ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Information Technology ,
Notice of Determination (NODs) ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Assessment
Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more
10/14/2019
/ Cybersecurity ,
Data Breach ,
Dentists ,
Enforcement Actions ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI ,
Policies and Procedures ,
Privacy Rule
Consistent with our experience, security firm McAfee has confirmed in a report that ransomware attacks have doubled in 2019. Medical providers have been hit hard this year, and one provider, Wood Ranch Medical, located in...more
10/4/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Healthcare ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
PHI ,
Ransomware
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more
9/13/2019
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Debt Collectors ,
Digital Assets ,
Educational Institutions ,
Enforcement Actions ,
Financial Services Industry ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Records ,
Municipalities ,
NIST ,
Personally Identifiable Information ,
Ransomware ,
TCPA
July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected a total of more than 500 records reported to the Office for Civil Rights (OCR) according to HIPAA Journal. ...more
9/6/2019
/ Cyber Attacks ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Ransomware
This month, the Securities and Exchange Commission (SEC) announced that it has entered into a settlement with SimplyVital Health, Inc., a blockchain company that offered and sold approximately $6.3 million worth of securities...more
8/26/2019
/ Blockchain ,
Capital Raising ,
Cease and Desist Orders ,
Cryptocurrency ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Enforcement Actions ,
Healthcare ,
Initial Coin Offering (ICOs) ,
Investment Products ,
Offerings ,
Securities and Exchange Commission (SEC) ,
Settlement Agreements ,
Token Sales ,
Unregistered Securities ,
Virtual Currency
I have the great pleasure to present annually to doctors who are in their fellowship (which means they are post-med school and continuing their training in a particular specialty) about lawyerly things before they go out into...more
Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of...more
Another day in the healthc are industry, another big data breach.
This week, Quest Diagnostics announced in a security filing with the Securities and Exchange Commission, that a collection agency vendor that it uses for...more
New malicious malware dubbed “Gustuff” targets big banks, fintech companies and cryptocurrency apps, according to the security firm Group IB.
...more
4/8/2019
/ Corporate Branding ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Drones ,
Employee Privacy Rights ,
Hackers ,
Healthcare ,
Malware ,
Medical Marijuana ,
Mobile Apps ,
TCPA ,
UPS
The “Uber of weed” app developed by Eaze Solutions, Inc. (Eaze) provides information to users about the delivery of recreational and medical marijuana throughout California....more
4/8/2019
/ Auto-Dialed Calls ,
Class Action ,
Healthcare ,
Marijuana ,
Marijuana Related Businesses ,
Medical Marijuana ,
Mobile Apps ,
Settlement Agreements ,
Spam ,
TCPA ,
Telemarketing ,
Text Messages
In an effort to phase out what many in the security world believe are threats to the cybersecurity posture of governmental agencies and private entities alike, John Quinn, the Chief Information Officer of the State of...more
3/4/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Drones ,
Hackers ,
Healthcare ,
Internet ,
Medical Devices ,
Online Safety for Children ,
Reputation Management ,
Russia ,
Smart Devices ,
Social Media ,
Software ,
Vulnerability Assessments
We predicted last year that hackers would become more malicious in the future, not only stealing and selling data for nefarious purposes, but actually destroying data and even systems. That reality hit email provider VFEmail...more
2/25/2019
/ Biometric Information ,
Computer Servers ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Mining ,
Data Privacy ,
Digital Assets ,
Email ,
Hackers ,
Healthcare ,
HIPAA Breach ,
NASA ,
OCR ,
Privacy Settings ,
Video Games
Community Health System, located in Tennessee, has agreed to settle claims made against it arising from a 2014 data breach for $4.5 million. ...more
The U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Team (US-CERT) recently issued an advisory outlining three vulnerabilities of Drager Infinity Delta patient monitoring devices....more
Clearwater Compliance’s newest CyberIntelligence Insight Bulletin concludes that the top three cybersecurity risks for the healthcare industry, which accounts for 36.8% of reported critical risk incidents include...more
Just before the new year, the Department of Health and Human Resources (HHS) released voluntary cybersecurity practices for healthcare organizations, which consists of a main document, two technical volumes, and resources and...more
1/7/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
PHI ,
Privacy Laws
Atrium Health and its vendor AccuDoc Solutions have released a joint announcement this week that AccuDoc’s database of 2.6 million billing records of Atrium Health’s patients has been compromised by a hacking incident....more
12/3/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Hackers ,
Healthcare ,
Identity Theft ,
Information Technology ,
Personally Identifiable Information ,
Social Security Numbers
Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. ...more
11/16/2018
/ Cyber Attacks ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Facilities ,
HIPAA Breach ,
PHI ,
Phishing Scams ,
Popular
This week the Securities and Exchange Commission (SEC) issued an investigative report that outlined cyber incidents that nine public companies had experienced, causing fraudulent losses totaling more than $100 million. The...more
10/22/2018
/ Anthem Insurance ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Email ,
Facebook ,
Federal Trade Commission (FTC) ,
Hackers ,
Healthcare ,
HIPAA Breach ,
Internal Controls ,
Microsoft ,
New Legislation ,
OCR ,
Personally Identifiable Information ,
Popular ,
Securities and Exchange Commission (SEC) ,
Social Media ,
State and Local Government ,
Surveillance