FTC Seeks Comment on Health Breach Notification Rule
The U.S. Federal Trade Commission (FTC) is seeking comment on its breach notification requirements for non-HIPAA-covered entities that collect personally identifiable health information. The FTC’s...
View ArticleZoom Reaches Settlement with NY Attorney General Over Privacy and Security...
Zoom has reached an agreement with the New York Attorney General’s office and has made a commitment to implement better privacy and security controls for its teleconferencing platform. Zoom has proven...
View ArticleAMA Publishes Set of Privacy Principles for Non-HIPAA-Covered Entities
The American Medical Association (AMA) has published a set of privacy principles for non-HIPAA-covered entities to help ensure that the privacy of consumers is protected, even when healthcare data is...
View ArticleRepublicans and Democrats Introduce Competing Bills Covering COVID-19 Contact...
Two privacy bills have been introduced relating to COVID-19 contact tracing apps that are now being considered by Congress. The competing bills, introduced by Republican and Democratic lawmakers, share...
View ArticleClik here to view.
April 2020 Healthcare Data Breach Report
There were 37 healthcare data breaches of 500 or more records reported in April 2020, up one from the 36 breaches reported in March. As the graph below shows, the number of breaches reported each month...
View ArticleAlert Issued by Feds to Raise Awareness of Scams Related to COVID-19 Economic...
A joint alert issued has been issued by the IRS, DHS’ Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury to raise awareness of the risk of phishing and other...
View ArticleSoftware Glitch in Telehealth App Allowed Patients to View Videos of Other...
A UK-based chatbot and telehealth startup has suffered an embarrassing privacy breach this week. Babylon Health has developed a telehealth app that can be used by general practitioners for virtual...
View ArticleNAAG Urges Apple and Google to Take Further Steps to Protect Privacy of Users...
On June 16, 2020, The National Association of Attorneys General (NAAG) wrote to Google and Apple to express concern about consumer privacy related to COVID-19 contact tracing and exposure notification...
View ArticleClik here to view.
May 2020 Healthcare Data Breach Report
May 2020 saw a marked fall in the number of reported healthcare data breaches compared to April, with 28 data breaches of 500 or more records reported to the HHS’ Office for Civil Rights. That is the...
View ArticleUniversity of California San Francisco Pays $1.14 Million Ransom to Resolve...
University of California San Francisco has paid a $1.14 million ransom to the operators of NetWalker ransomware to resolve an attack that saw data on servers within the School of Medicine encrypted....
View ArticleHHS Adopts Changes to 42 CFR Part 2 Regulations to Improve Care Coordination
The Confidentiality of Substance Use Disorder Patient Records regulations (42 CFR Part 2) have been revised by the Department of Health and Human Services’ Substance Abuse and Mental Health Services...
View ArticleIs Google Voice HIPAA Compliant?
Google Voice is a popular telephony service, but is Google Voice HIPAA compliant or can it be used in a HIPAA compliant way? Is it possible for healthcare organizations – or healthcare employees – to...
View ArticleWhat is HIPAA Certification?
A frequently asked question in the healthcare industry is what is HIPAA certification; for although there is no standard or implementation specification within HIPAA that requires Covered Entities or...
View ArticleHouse of Representatives Votes to Remove Ban on HHS Funding a National...
The House of Representatives has voted to lift the ban on the Department of Health and Human Services using federal funds to develop a national patient identifier system. The Health Insurance...
View ArticleMedical Software Database Containing Personal Information of 3.1 Million...
A database containing the personal information of more than 3.1 million patients has been exposed online and was subsequently deleted by the Meow bot. Security researcher Volodymyr ‘Bob’ Diachenko...
View ArticleHealthcare Data Leaks on GitHub: Credentials, Corporate Data and the PHI of...
A new report has revealed the personal and protected health information of patients and other sensitive data are being exposed online without the knowledge of covered entities and business associates...
View ArticleClik here to view.
July 2020 Healthcare Data Breach Report
July saw a major fall in the number of reported data breaches of 500 or more healthcare records, dropping below the 12-month average of 39.83 breaches per month. There was a 30.8% month-over-month fall...
View ArticleResearchers Raise Concerns About Patient Safety and Privacy with COVID-19...
A team of researchers at Harvard University has investigated COVID-19 home monitoring technologies, which have been developed to decrease interpersonal contacts and reduce the risk of exposure to the...
View ArticlePersonal and COVID-19 Status Data Stolen from South Dakota Fusion Center in...
In June 2020, the Houston, TX-based web developer Netsential had its web servers hacked and almost 270 gigabytes of data were stolen and was published online on June 19, 2020 by the hacking group...
View ArticleStudy Reveals Increase in Credential Theft via Spoofed Login Pages
A new study conducted by IRONSCALES shows there has been a major increase in credential theft via spoofed websites. IRONSCALES researchers spent the first half of 2020 identifying and analyzing fake...
View Article