Health Insurance, HIPAA and Licensing - Health Care Compliance Brief

Our “Preconceived” Notions of HIPAA

Bill of Health

MARCH 9, 2024

The film Preconceived , premiering at SXSW this week, shines a bright light on anti-abortion “Crisis Pregnancy Centers” (CPCs), including their disturbing take on the Health Insurance Portability and Accountability Act (HIPAA). HIPAA takes center stage near the end of the film. Is Stanton a HIPAA-covered entity?

HIPAA

HIPAA Licensing Health Insurance Compliance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

What are the Penalties for HIPAA Violations?

HIPAA Journal

DECEMBER 24, 2022

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. In addition to financial penalties, covered entities are required to adopt a corrective action plan to bring policies and procedures up to the standards demanded by HIPAA. .

HIPAA

HIPAA Compliance Hospitals COVID-19

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

The review of the compromised email accounts confirmed they contain information such as names, addresses, dates of birth, driver’s license numbers, state identification card numbers, financial account numbers, usernames and passwords, payment card information, medical histories, and health insurance information.

HIPAA

HIPAA Licensing Health Insurance Fraud

How to Become HIPAA Compliant

HIPAA Journal

APRIL 15, 2023

How to become HIPAA compliant is one of the biggest challenges for many businesses operating in the healthcare and health insurance industries. What is HIPAA Compliance? What is HIPAA Compliance? Not every business operating in the healthcare and health insurance industries is required to become HIPAA compliant.

HIPAA

HIPAA Compliance Due Diligence Health Insurance

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. La Casa de Salud, New York. Valley View Hospital, Colorado.

HIPAA

HIPAA Health Insurance Licensing Hospitals

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. The post Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations appeared first on HIPAA Journal. The information involved varied from individual to individual.

HIPAA

HIPAA Ransomware Licensing Health Insurance

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

HIPAA Journal

APRIL 25, 2024

The exposed and stolen data included contact information, Social Security numbers, driver’s license numbers, financial information, health insurance information, medical records, medical histories, diagnoses/conditions, and health insurance information.

Fraud

Fraud Health Insurance Licensing HIPAA

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules.

HIPAA

HIPAA Compliance Hospitals Medicare

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Total HIPAA

MAY 23, 2022

What is Protected Health Information (PHI)? The Health Insurance Portability and Accountability Act ( HIPAA ) is a 1996 federal law that regulates privacy standards in the healthcare sector. Since 1996, Congress has passed additional laws to adapt HIPAA in accordance with new technological advancements.

HIPAA

HIPAA Due Diligence Compliance Health Insurance

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

HIPAA Journal

DECEMBER 30, 2022

Avalon Healthcare has agreed to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws with the Oregon and Utah Attorneys General that were uncovered during an investigation of a 2019 breach of the personal and protected health information of 14,500 of its employees and patients.

HIPAA

HIPAA Compliance Compliance Officers Licensing

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

The Health Law Firm Blog

MARCH 23, 2024

Board Certified by The Florida Bar in Health Law On December 15, 2022, the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that Health Specialists of Central Florida, Inc., will pay $20,000 to resolve alleged violations of the Health Insurance Portability and [.]

HIPAA

HIPAA Health Insurance Licensing Compliance

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

HIPAA Journal

APRIL 23, 2024

The review of the affected files was completed on February 7, 2024, and confirmed some or all of the following information was compromised: name, date of birth, Social Security number, driver’s license number, medical information, and/or health insurance information.

Ransomware

Ransomware Fraud Licensing HIPAA

Implications of Noncompliance with HIPAA: What to Expect as a Healthcare Organization

Compliancy Group

APRIL 19, 2023

Wondering why your practice or organization should be HIPAA compliant? In the United States, the Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to regulate the handling and protecting confidential medical information. million per year for each violation of HIPAA.

HIPAA

HIPAA Compliance Licensing Health Insurance

Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals

HIPAA Journal

MAY 22, 2024

The post Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals appeared first on HIPAA Journal. The affected individuals have been advised to remain vigilant against incidents of identity theft and fraud by reviewing their account statements, explanation of benefits, and free credit reports.

Fraud

Fraud Licensing HIPAA Health Insurance

California Dental Practice Pays $23,000 Settlement For Potential HIPAA Privacy Violations Involving Yelp Posts

The Health Law Firm Blog

APRIL 12, 2024

Board Certified by The Florida Bar in Health Law On December 14, 2022, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled with New Vision Dental (NVD) over a potential HIPAA Privacy violation. Indest III, J.D., The California-based dental practice paid $23,000 to OCR and [.]

HIPAA

HIPAA Licensing Health Insurance Compliance

Patient Data Stolen from Livanova in October 2023 Ransomware Attack

HIPAA Journal

APRIL 30, 2024

The file review confirmed that the following types of information had been exposed or stolen: names, dates of birth, medical record numbers, services received, dates of services, treating physician, and for some patients, Social Security numbers and/or driver’s license numbers.

Ransomware

Ransomware Licensing Health Insurance HIPAA

November 8, 2023, Healthcare Data Breach Round-Up

HIPAA Journal

NOVEMBER 8, 2023

Third-party forensics experts were engaged to investigate the breach and determined that its systems were compromised between September 1, 2023, and September 5, 2023, and during that time, files were exfiltrated that contained personal and protected health information.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

HIPAA Journal

SEPTEMBER 8, 2023

For patients, the affected information included name, address, email, phone number(s), birth date, Social Security number, driver’s license number, health insurance policy information, treatment information including radiographic images, medical record number, account number, and health conditions.

Licensing

Licensing Ransomware Health Insurance HIPAA

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

HIPAA Journal

APRIL 8, 2024

The leaked data includes patient names, dates of birth, phone numbers, email addresses, medical records, Social Security numbers, copies of passports and driver’s licenses, health insurance information, and company data. The investigation uncovered evidence of unauthorized access to files that contained patient information.

Ransomware

Ransomware Health Insurance Licensing HIPAA

NY AG Fines Medical Management Company $550,000 for Patch Management Failures

HIPAA Journal

MAY 24, 2023

The leaked data included screenshots of 13 patients’ protected health information. The protected health information stored on its systems was also not encrypted. The New York Attorney General determined that these failures violated state law and the federal Health Insurance Portability and Accountability Act (HIPAA).

HIPAA

HIPAA Ransomware Licensing Health Insurance

Credential Stuffing Attack Exposed United HealthCare Member Data

HIPAA Journal

MAY 2, 2023

The accounts subjected to unauthorized access included information such as names, birthdates, addresses, health insurance member ID numbers, service dates, provider names, claim details, and group names and numbers. No Social Security numbers, financial information, or driver’s license numbers were exposed.

Licensing

Licensing Health Insurance Hospitals HIPAA

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

MAY 11, 2023

Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. Affected individuals were notified on March 25, 2022, 8 months after the breach was detected. Claims must be submitted by July 5, 2023, and the final approval hearing for the settlement has been scheduled for August 28, 2023. The post SuperCare Proposes $2.25

HIPAA

HIPAA Health Insurance Licensing Hospitals

Cyberattacks Reported by Healthcare Providers in North Carolina, Rhode Island, & California

HIPAA Journal

APRIL 22, 2024

The types of data involved varied from individual to individual and may have included names, Social Security numbers, taxpayer identification numbers, dates of birth, driver’s license numbers, username and password, biometric data, medical treatment and/or diagnosis information, and/or health insurance information.

HIPAA

HIPAA Licensing Health Insurance

Dental Practice Pays $23,000 For Potential HIPAA Privacy Violations Involving Yelp Posts

The Health Law Firm Blog

SEPTEMBER 11, 2023

Board Certified by The Florida Bar in Health Law On December 14, 2022, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled with New Vision Dental (NVD) over a potential HIPAA Privacy violation. Indest III, J.D., The California-based dental practice paid $23,000 to OCR and [.]

HIPAA

HIPAA Licensing Health Insurance Compliance

Cummins Behavioral Health Reports 157K Record Data Breach

HIPAA Journal

AUGUST 16, 2023

The information removed from its systems included names, addresses, dates of birth, Social Security numbers, driver’s license/State ID numbers, financial account information, payment card information, usernames/passwords, health insurance information, and medical information.

Licensing

Licensing Health Insurance HIPAA Public Health

San Juan Regional Medical Center Settles Data Breach Lawsuit

HIPAA Journal

DECEMBER 2, 2022

While legal action was not taken over a HIPAA violation, the lawsuit alleged the lack of appropriate safeguards constituted a HIPAA violation. The post San Juan Regional Medical Center Settles Data Breach Lawsuit appeared first on HIPAA Journal. All claims must be submitted by February 8, 2023.

Licensing

Licensing HIPAA Ransomware Health Insurance

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

The exposed information included names, dates of birth, Social Security numbers, driver’s license numbers, clinical/diagnosis information, health insurance member ID numbers, medical record numbers, and Medicare or Medicaid numbers. No evidence of data theft or misuse of information has been detected.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. According to the hospital operator, Tower Health, the unauthorized access was discovered during a routine audit of medical record access logs. Some of the accessed records included partial Social Security numbers and health insurance information.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

Individuals who had their Social Security numbers or driver’s license numbers exposed have been offered complimentary credit monitoring and identity theft protection services. The post Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care appeared first on HIPAA Journal.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

HIPAA Journal

MARCH 29, 2023

While there have been no reported instances of misuse of patient data, OU Health could not rule out unauthorized access to patient data. The post Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals appeared first on HIPAA Journal.

Hospitals

Hospitals Ransomware Licensing Health Insurance

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

HIPAA Journal has not yet been able to establish exactly how many Anthem Blue Cross members have been affected. No financial information, Social Security numbers, or driver’s license numbers were taken. The post PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon appeared first on HIPAA Journal.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

The files contained information such as names, birthdates, signatures, insurance details, contact information, government identification numbers including driver’s licenses and Social Security numbers, medical history/treatment information, and financial information.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

HIPAA Journal

JULY 14, 2022

The affected email accounts included names, Social Security numbers, driver’s licenses, financial account information, usernames and passwords, passport numbers, biometric data, medical information, health insurance information, electronic/digital signatures, and employer-assigned identification numbers.

Licensing

Licensing Health Insurance Ransomware HIPAA

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

The Health Law Firm Blog

DECEMBER 28, 2022

Board Certified by The Florida Bar in Health Law On December 15, 2022, the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that Health Specialists of Central Florida, Inc., will pay $20,000 to resolve alleged violations of the Health Insurance Portability and [.].

HIPAA

HIPAA Health Insurance Licensing Compliance

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

HIPAA Journal

MARCH 18, 2022

Country Medical Services had run the hospital for 9 years; however, an investigation by the state Department of Health identified almost 3 dozen potential violations of the Emergency Medical Treatment and Labor Act, as the hospital was unable to provide emergency services. I am holding the hospital and its owners accountable.”.

Licensing

Licensing HIPAA Hospitals Health Insurance

Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania

HIPAA Journal

JULY 3, 2023

To meet the breach reporting requirements of the HIPAA Breach Notification Rule, the breach has been reported to the HHS by The Williamsport Home and Senior Choice as affecting at least 500 individuals. The post Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania appeared first on HIPAA Journal.

HIPAA

HIPAA Licensing Health Insurance Nurses

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

AHA discovered the email breach in early September 2021 and determined on December 2, 2021, that files containing the protected health information of its healthcare provider clients had been accessed. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks

HIPAA Journal

AUGUST 2, 2023

Sutter SeniorCare PACE, a nonprofit health plan based in Sacramento, CA, has also recently confirmed that it was affected and had plan member data compromised in the attacks. The post Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks appeared first on HIPAA Journal.

Licensing

Licensing HIPAA Health Insurance

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

The review of the files revealed they mostly contained protected health information such as names, addresses, medical information, and/or health insurance information. Notification letters have now been sent to the 28,024 patients whose protected health information has potentially been compromised.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

The two health insurance firms confirmed they had been affected in late February 2022, with PracticeMax publicly reporting the breach in the fall of 2021. The post Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack appeared first on HIPAA Journal.

Ransomware

Ransomware Health Insurance Licensing HIPAA

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

Names, addresses, Social Security numbers, and health insurance were impermissibly disclosed. The post Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources appeared first on HIPAA Journal. MCNA Dental has offered affected individuals complimentary credit monitoring services.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

HIPAA Journal

FEBRUARY 16, 2022

The information potentially compromised in the attack included names, dates of birth, Social Security numbers, medical diagnoses, treatment information, and health insurance information. Vendor Email Account Breach Affects Over 6,000 Memorial Hermann Health System Patients.

Electronic Medical Records

Electronic Medical Records Health Insurance Licensing HIPAA

Our “Preconceived” Notions of HIPAA

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Trending Sources

What are the Penalties for HIPAA Violations?

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

How to Become HIPAA Compliant

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

The Most Common HIPAA Violations You Should Avoid

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

Implications of Noncompliance with HIPAA: What to Expect as a Healthcare Organization

Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals

California Dental Practice Pays $23,000 Settlement For Potential HIPAA Privacy Violations Involving Yelp Posts

Patient Data Stolen from Livanova in October 2023 Ransomware Attack

November 8, 2023, Healthcare Data Breach Round-Up

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

NY AG Fines Medical Management Company $550,000 for Patch Management Failures

Credential Stuffing Attack Exposed United HealthCare Member Data

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

Cyberattacks Reported by Healthcare Providers in North Carolina, Rhode Island, & California

Dental Practice Pays $23,000 For Potential HIPAA Privacy Violations Involving Yelp Posts

Cummins Behavioral Health Reports 157K Record Data Breach

San Juan Regional Medical Center Settles Data Breach Lawsuit

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Stay Connected