When thinking of HIPAA data breaches, most of us tend to think of situations where the hackers engage in malicious activities against hospitals and steal troves of patients’ protected health information (PHI). There are, however, other much simpler kinds of HIPAA privacy breaches that are easily avoidable and can be quite costly to the healthcare…
Category: Healthcare Privacy (HIPAA)
ASPR Warns Ransomware Threat is Persistent, as Actors Leak More Data
“In general, maintaining anti-ransomware best practices like the 3-2-1 backup system or conducting regular vulnerability scanning to identify and address vulnerabilities will help protect your organization against future threats from other ransomware operators,” according to the alert. — Read on healthitsecurity-com.cdn.ampproject.org/c/s/healthitsecurity.com/news/amp/aspr-warns-ransomware-threat-is-persistent-as-actors-leak-more-data
Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)
Many thanks to HealthcareITNews for publishing my recent article Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? HHS is trying to get companies to comply with the law and, more broadly, their obligation to protect the sensitive information that people have entrusted to them. We have handled numerous cases…
Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?
If you are a healthcare provider, you need to prepare yourself now for the new reality that, when hackers get into your network, they will contact your patients to put pressure on you to pay their ransom demands — usually after they have encrypted your network. Here is an example from a recent case that…
Key Lesson All Business Leaders Can Learn From the Anthem Data Breach Case
The 2015 Anthem data breach affected 79 million people and was the largest health-care data breach in U.S. history. The affected consumers sued Anthem in a case that settled for a record $115 million. Now the U.S. Dept. of Health and Human Services’ Office of Civil Rights has reached a settlement with Anthem for a record…
FMCNA to Pay $3.5 Million for Non-Compliance with HIPAA’s Risk Analysis and Risk Management Rules
Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA…
Allscripts EHR Ransomware Attack is Huge–How Will it Impact Healthcare Practices?
See recommendations below On January 19, 2018, cybercriminals were successful in a ransomware attack on Allscripts, an electronic healthcare record (EHR) provider for healthcare providers across the United States. The attack encrypted some of Allscripts systems and prevented those healthcare providers who use those systems for their EHRs from being able to access their patient records. Not…
OCR Issues Cyberattack Response Checklist and Infographic
The United States Department of Health and Human Services’ Office for Civil Rights has just issued a checklist and infographic to aid healthcare organizations and their vendors in quickly responding to cyberattacks in compliance with HIPAA requirements.
You must be logged in to post a comment.