Sunrise Community Health located in Evans, CO uncovered the exposure of a number of employees’ email accounts because of the employees’ response to phishing emails. Unauthorized persons gained access to the email accounts beginning September 11, 2019 up to November 22, 2019. On November 5, 2019, third party computer forensics specialists assisted Sunrise Community Health …
Loudoun Medical Group, also known as Comprehensive Sleep Care Center (CSCC), experienced a phishing attack approximately on June 19, 2019. The IT department was notified concerning a potential email security breach after identifying suspicious activity in an employee’s email account. The password was quickly modified to avert continuing unauthorized access. Forensic detectives examined the incident …
A ransomware attack on Great Plains Health based in North Platte, NE resulted in the encryption of some patients’ health records. Great Plains Health discovered the attack at approximately 7pm on November 26. The quick action taken helped lessen the effect on patients, and employees used pen and paper when computer systems were down. IT …
Great Plains Health Patient Medical Records Encrypted Due to Ransomware Attack Read More »
Philips released information about a vulnerability found in Philips IntelliBridge EC40/80 hubs. An attacker could exploit to access vulnerable hubs and execute a software program, change files, alter the system setup, and view identifiable patient information. Depending on fixed specifications, Philips IntelliBridge EC40/80 hubs are utilized for transferring medical device information at the same time …
Philips IntelliBridge EC40/80 Hubs Were Found to Have a Vulnerability Read More »
As per the Inflation Adjustment Act, the U.S Department of Health and Human Services took into account the inflation rate when issuing civil monetary penalties for HIPAA violations, hence, higher penalties are to be expected now. Since the final rule became effective last November 5, 2019, HIPAA violations that transpired from February 18, 2009 are …
The University of Rochester Medical Center (URMC) paid OCR $3 million as HIPAA penalty for failing to implement encryption on mobile gadgets and for other violations of HIPAA rules. URMC is one of New York State’s biggest health systems with over 26,000 employees at its Medical Center and many other facilities of the health system, …
URMC Pays $3 Million HIPAA Penalty for Failure to Encrypt Mobile Devices Read More »
A series of phishing attacks have compromised the protected health information of 56,000 members of Presbyterian Health Plan. The phishing attacks did not directly target NM-based Presbyterian Health Plan (PHP) but instead affected two subsidiaries of the managed care company, Magellan Health, who provide services to PHP. The two breaches occurred in July 2019. The …
Phishing Attacks Compromise PHI of 56,000 Presbyterian Health Plan Members Read More »
Little Rock Plastic Surgery (LRPS) is in the process of notifying patients of a data security incident which saw a former employee illegally access the protected health information (PHI) of several patients. LRPS, based in Arkansas, released a statement earlier this month detailing the incident. According to the statement, the organization discovered the breach on …
Former Employee at Little Rock Plastic Surgery Illegally Accessed Patient Information Read More »
Fedcap Rehabilitation is in the process of notifying 2,200 individuals of a data security incident which may have seen their confidential information compromised. New York-based provider of vocational training and employment resources, is alerting 2,158 current and former clients about a recent security breach. In May 2019, Fedcap Rehabilitation, a New York-based provider of vocational …
Fedcap Rehabilitation Notifying 2,200 Individuals of Data Breach Read More »
The Secretary of the Department of Health and Human Services (HHS), has declared a public health emergency in Puerto Rico and the states of Florida, Georgia, and South Carolina due to Hurricane Dorian. On September 4, the Secretary, Alex Azar, also declared in North Carolina, retroactive to September 1, 2019. Secretary Azar’s announcement comes as …
Limited HIPAA Waiver in Areas Affected by Hurricane Dorian Read More »
