AMIA Calls for Greater Alignment of Federal Data Privacy Rules
The American Medical Informatics Association (AMIA) is calling for the Trump Administration to tighten data privacy rules through greater alignment of HIPAA and the Common Rule and adoption of a more...
View ArticleClik here to view.
October 2018 Healthcare Data Breach Report
Our October 2018 healthcare data breach report shows there has been a month-over-month increase in healthcare data breaches with October seeing more than one healthcare data breach reported per day. 31...
View ArticleOIG: Cybersecurity One of Top 10 Management and Performance Challenges Faced...
The Department of Health and Human Services’ Office of Inspector General (OIG) has published its annual report on the top management and performance challenges faced by the HHS. The report lists 12...
View Article53% Of Healthcare Data Breaches Due to Insiders and Negligence
The healthcare industry has had more than its fair share of hacking incidents, but the biggest threat comes from within. The actions of healthcare providers, health insurers, and their employees cause...
View ArticleNIST Releases Draft Paper on Telehealth and Remote Monitoring Device...
The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (NCCoE) has released a draft paper covering the privacy and security risks of telehealth and remote...
View ArticleOCR Fines Allergy Practice $125,000 for Impermissible PHI Disclosure
The Department of Health and Human Services’ Office for Civil Rights (OCR) has fined a Hartford allergy practice $125,000 to revolve potential violations of the HIPAA Privacy Rule. On October 6, 2015,...
View Article2.65 Million Atrium Health Patients Impacted by Business Associate Data Breach
A data breach has been reported by AccuDoc Solutions Inc., a provider of healthcare billing services, that resulted in the exposure of the protected health information of 2,650,000 patients of Atrium...
View ArticleUPMC Data Breach Lawsuit Reinstated by Pennsylvania Supreme Court
A lawsuit filed by employees affected by a data breach at University of Pennsylvania Medical Center (UPMC) has been revived by the Pennsylvania Supreme Court. The lawsuit was filed after hackers stole...
View ArticleFirst Hospital GDPR Violation Penalty Issued: Portuguese Hospital to Pay...
The first hospital GDPR violation penalty has been issued in Portugal. The Portugal supervisory authority, Comissão Nacional de Protecção de Dados (CNPD), took action against Barreiro Montijo hospital...
View ArticleVulnerability Identified in Philips HealthSuite Health Android App
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a medical advisory about a vulnerability that has been identified in the Philips...
View ArticleEmblemHealth Pays $100,000 HIPAA Violation Penalty to New Jersey for 2016...
The health insurance provider EmblemHealth has been fined $100,000 by New Jersey for a 2016 data breach that exposed the protected health information (PHI) of more than 6,000 New Jersey plan members....
View ArticleFederal GDPR-Style Data Privacy Bill Introduced
Data privacy laws have been implemented at the state level, but currently there is no federal data privacy law covering all 50 states; however, that could soon change. On Wednesday December 12, 2018, a...
View ArticleVulnerability Identified in Medtronic Encore and Carelink Programmers
ICS-CERT has issued an advisory about a vulnerability that has been identified in certain Medtronic CareLink and Encore Programmers. Some personally identifiable information (PII) and protected health...
View Article27% of Healthcare Organizations Have Experienced a Ransomware Attack in the...
According to a new report from Kaspersky Lab, 27% of healthcare employees said their organization had experienced at least one ransomware attack in the past five years and 33% said their organization...
View ArticleClik here to view.
November 2018 Healthcare Data Breach Report
For the second consecutive month there has been an increase in both the number of reported healthcare data breaches and the number of records exposed, stolen, or impermissibly disclosed. November was...
View ArticleMassachusetts Attorney General Issues $75,000 HIPAA Violation Fine to McLean...
Massachusetts Attorney General Maura Healey has issued a $75,000 HIPAA violation fine to McLean Hospital over a 2015 data breach that exposed the protected health information (PHI) of approximately...
View ArticleLifeBridge Health Sued for 18-Month Malware That Allowed Theft of 530,000...
A lawsuit has been filed on behalf of patients who had their protected health information stolen as a result of a malware infection at the Baltimore-based healthcare provider LifeBridge Health....
View ArticleLargest Healthcare Data Breaches of 2018
This post summarizes the largest healthcare data breaches of 2018: Healthcare data breaches that have resulted in the loss, theft, unauthorized accessing, impermissible disclosure, or improper disposal...
View ArticleNIST Releases Final Version of Risk Management Framework Update
The National Institute of Standards and Technology (NIST) has released the final version of its updated Risk Management Framework (RMF 2.0). RMF 2.0 (SP 800-37 Revision 2: Risk Management Framework...
View ArticleMost Common Security Weaknesses in Healthcare Identified
The most common security weaknesses in healthcare have been identified by Clearwater. Clearwater analyzed data from IRM analyses conducted over the past six years. Millions of risk records were...
View Article