Author name: HIPAA Editor

In May 2020, the cloud software corporation Blackbaud encountered a ransomware attack. As is typical in human-operated ransomware attacks, the attackers exfiltrated files before file encryption. A few of the stolen data files included the fundraising listings of its healthcare clients. Rady Children’s Hospital located in San Diego is one of the healthcare companies affected. …

Rady Children’s Hospital Confronted With Class Action Lawsuit as a Result of the Blackbaud Ransomware Attack Read More »

The U.S. Court of Appeals for the Fifth Circuit has reversed the $4,348,000 HIPAA violation charges enforced by the Department of Health and Human Services’ Office for Civil Rights on the University of Texas M.D. Anderson Cancer Center. The Civil Monetary Penalty was charged to M.D. Anderson in 2018 after the investigation of three data …

M.D. Anderson Cancer Center’s $4.3 Million HIPAA Penalty Revoked on Appeal Read More »

On January 5, 2020, President Trump signed a bill (HR 7898) that makes changes to the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and provides a safe harbor for organizations that have applied accepted security best practices before encountering a data breach. Although the bill doesn’t go so far as keeping …

HITECH Act Amendment To Provide Cybersecurity Safe Harbor Signed into Law Read More »

A vulnerability was found in Zyxel devices such as firewalls, VPN gateways, and access point (AP) controllers that hackers may take advantage of to get remote administrative access to the gadgets. By taking advantage of the vulnerability, threat actors can change firewall configurations, enable/reject selected traffic, intercept traffic, generate new VPN accounts, make internal services …

Hidden Backdoor Found in 100,000 Zyxel Products Read More »

The DHS’ Cybersecurity and infrastructure Security Agency has published a website with resources concerning the recent activities of the advanced persistent threat (APT) group liable for the breach of the SolarWinds Orion software supply chain. The group behind the attack acquired access to the networks of federal, state, and local governments, private sector establishments and …

CISA Introduces Website About the SolarWinds Supply Chain Compromise and Free Tool to Detect Malicious Activity Read More »

The Department of Health and Human Services’ Office for Civil Rights (OCR) has arrived at a settlement deal with Peter Wrobel, M.D., P.C., dba Elite Primary Care, in connection with its non-compliance with the HIPAA Right of Access rule. Elite Primary Care delivers primary health services to residents in Georgia. OCR initiated its compliance investigation …

19th HIPAA Penalty of 2020 Issued by OCR Read More »

A seasonal staff at a tech firm in Virginia got sentenced to 42 months imprisonment for accessing patient files, theft of personally identifiable information (PII), and used the PII for monetary gain. The tech company offers support to the Centers for Medicare & Medicaid Services (CMS) by running contact centers that gave help with Medicare …

Seasonal Staff Sentenced to 42-Months In Jail for Theft of Information from Healthcare.Gov Database Read More »

Rave Mobile Safety has introduced a COVID-19 Vaccine Distribution Solution that will make it possible for public health agencies to determine who should receive priority vaccination, custom notifications to these persons, give reminders for subsequent vaccinations, and then have follow-up assessments after the vaccination is complete. On November 20, two companies, Pfizer and BioNTech, sent …

Rave Mobile Safety Introduces COVID-19 Vaccine Distribution Solution Read More »