HIPAA Journal

MARCH 11, 2022

Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data breaches, with more than 50 million healthcare records exposed or compromised in 2021. There were 111 insider incidents in 2021, similar to the 110 incidents in 2019, which is a 26% decrease from 2020.

HIPAA 108

HIPAA Ransomware Health Insurance 108

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance 106

Health Insurance Ransomware HIPAA Licensing 106

HIPAA Journal

DECEMBER 31, 2022

To best answer the question what is a HIPAA violation, it is necessary to explain what HIPAA is, who it applies to, and what constitutes a violation; for although most people believe they know what a HIPAA compliance violation is, evidence suggests otherwise. What is HIPAA and Who Does It Apply To?

HIPAA 133

HIPAA Due Diligence Compliance Fraud 133

HIPAA Journal

MARCH 15, 2023

The United States Department of Justice has agreed to settle alleged False Claims Act violations with Jelly Bean Communications Design LLC and manager Jeremy Spinks related to the failure to protect HIPAA-covered data. FHKC is a state-created entity that offers health and dental insurance to children in Florida between the ages of 5 and 18.

Health Insurance 73

Health Insurance HIPAA Due Diligence Fraud 73

HIPAA Journal

FEBRUARY 24, 2022

Two HIPAA-regulated entities have recently started notifying individuals whose protected health information was potentially compromised in cyberattacks that occurred more than 12 months ago, including one where it took 18 months to notify affected individuals that their protected health information had been accessed and potentially acquired.

HIPAA 104

HIPAA Ransomware Health Insurance 104

HIPAA Journal

MARCH 24, 2022

Chelan Douglas Health District in East Wenatchee, WA, has announced it was the victim of a cyberattack in July 2021 in which the personal and protected health information of patients was exfiltrated from its systems. A representative for the health district said this was not a ransomware attack.

Ransomware 124

Ransomware Fraud Hospitals HIPAA 124

HIPAA Journal

FEBRUARY 28, 2023

Department of Health and Human Services (HHS) has restructured its Office for Civil Rights (OCR) and has created new divisions that will help improve the enforcement of HIPAA and civil rights laws and clear the current backlog of complaints and investigations. Approximately 80% of all reported data breaches are due to hacking.

HIPAA 92

HIPAA Health Insurance Compliance 92

Compliancy Group

AUGUST 24, 2023

They’ve reached a settlement with UnitedHealthcare Insurance Company (“UHIC”), one of the largest health insurers in the country, regarding a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access provision.

HIPAA 52

HIPAA Health Insurance Compliance 52

HIPAA Journal

MAY 29, 2023

It has been 27 years since President Clinton signed the Health Insurance Portability and Accountability Act (HIPAA) into law, but compliance is still proving a challenge for many HIPAA-regulated entities. The average HIPAA penalty has fallen from $2.6 reduction in total penalties compared to 2018, falling from $28.7

HIPAA 95

HIPAA Compliance Due Diligence COVID-19 95

HIPAA Journal

MARCH 2, 2022

The Health Insurance Accountability and Portability Act (HIPAA) introduced multiple HIPAA rights. Unfortunately, the failure to comply with Privacy Rule HIPAA rights is one of the leading reasons for complaints to the HHS Office for Civil Rights. Rights under the Privacy Rule.

HIPAA 83

HIPAA Health Insurance Public Health Compliance 83

Healthcare IT Today

SEPTEMBER 28, 2023

The following is a guest article by Bill Young, Director of Healthcare & Life Sciences at SYSTRAN Keeping patient data confidential and secure remains a major healthcare challenge today, more than 25 years after the introduction of the 1996 Health Insurance Portability & Accountability Act or HIPAA.

HIPAA 94

HIPAA US Department of Health and Human Services Governance Health Insurance 94

HIPAA Journal

AUGUST 28, 2023

The latest settlement agreement relates to a complaint made against UHIC by a customer who had requested a copy of their PHI in January 2021. The agency initiated an investigation in April 2021, but it was not until July that the customer received the PHI they had requested six months earlier.

HIPAA 68

HIPAA Health Insurance Compliance 68

HIPAA Journal

APRIL 8, 2024

Planned Parenthood Los Angeles, a provider of reproductive healthcare services in Los Angeles County, has proposed a $6 million settlement to resolve all claims related to a 2021 data breach that exposed the personal information of more than 409,437 patients.

Ransomware 76

Ransomware HIPAA Health Insurance Fraud 76

HIPAA Journal

NOVEMBER 8, 2022

Suspicious activity was detected within its network on May 12, 2021, with the forensic investigation confirming unauthorized individuals had access to its network for a month between April 20, 2021, and May 17, 2021. During that time, the attackers may have viewed or acquired sensitive patient data. The post U.S.

Licensing 67

Licensing Health Insurance HIPAA 67

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA 81

HIPAA Ransomware Health Insurance Compliance 81

HIPAA Journal

JANUARY 31, 2023

Affected individuals were notified about the cyberattack in August 2021 and were offered complimentary credit monitoring and identity theft protection services. The post San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit appeared first on HIPAA Journal. A lawsuit – Lopez, et al.

Ransomware 60

Ransomware Fraud Health Insurance HIPAA 60

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. Los Angeles County Department of Mental Health, California. La Casa de Salud, New York.

HIPAA 89

HIPAA Health Insurance Licensing Hospitals 89

HIPAA Journal

JUNE 22, 2022

A review of the affected files confirmed they contained information such as names, dates of birth, medical assessment and medication information, health insurance information, and Social Security numbers. The breach was detected on December 27, 2021, and it was determined on January 7, 2022, that patient data had been compromised.

HIPAA 86

HIPAA Health Insurance 86

HIPAA Journal

NOVEMBER 16, 2022

Unauthorized individuals have gained access to the email system of the Administrative Fund of the Detectives’ Endowment Association of the Police Department of the City of New York (NYCDEA) and potentially viewed or obtained the protected health information of 21,544 individuals.

HIPAA 86

HIPAA Licensing Health Insurance Fraud 86

Compliancy Group

APRIL 1, 2022

An HHS study released in December 2021 showed 2020 telehealth usage for Medicare patients increased 63-fold over 2019 (840,000 to 52.7 Regardless of the method used, communications such as cloud-based VoIP, telehealth, texting, and email in healthcare must comply fully with HIPAA rules and regulations. . Compliancy Group can help!

HIPAA 52

HIPAA Compliance Health Insurance Doctors 52

HIPAA Journal

MAY 11, 2023

million settlement to resolve a class action lawsuit filed in response to a 2021 hacking incident in which the protected health information of 318,379 patients was compromised. Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. The post SuperCare Proposes $2.25

HIPAA 85

HIPAA Health Insurance Licensing Hospitals 85

Health Care Law Brief

JUNE 24, 2022

The Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), recently issued new regulatory guidance relating to covered entities’ HIPAA-compliant use of remote communication technologies for audio-only telehealth services. The new HIPAA guidance affects covered entities in four key ways.

HIPAA 52

HIPAA Fraud Compliance COVID-19 52

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. According to the hospital operator, Tower Health, the unauthorized access was discovered during a routine audit of medical record access logs. Some of the accessed records included partial Social Security numbers and health insurance information.

Hospitals 97

Hospitals HIPAA Health Insurance Licensing 97

HIPAA Journal

APRIL 6, 2023

The researchers used an open-source tool called WebXray to identify third-party tracking code and recorded data requests on the hospital websites over a 3-day period in 2021. The third parties receiving the information are typically not HIPAA-regulated entities, which means uses and disclosures of the transferred data are largely unregulated.

Hospitals 110

Hospitals HIPAA Health Insurance Compliance 110

HIPAA Journal

FEBRUARY 15, 2022

Chicago’s South Shore Hospital has started notifying 115,670 current and former patients about a December 2021 cyberattack on its network. Suspicious activity was identified on its network on December 10, 2021, and prompt action was taken to contain the incident.

Hospitals 116

Hospitals Health Insurance HIPAA Medicaid 116

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance 107

Health Insurance Licensing Ransomware Fraud 107

HIPAA Journal

MARCH 14, 2022

Capital Region Medical Center (CRMC) in Jefferson City, MO has recently confirmed patient information was accessed by unauthorized individuals in a December 2021 cyberattack that took its network and phone systems offline for several days. The attack was detected on December 17, 2021, when network systems were disrupted.

Electronic Medical Records 129

Electronic Medical Records Health Insurance HIPAA Licensing 129

Med-Net Compliance

SEPTEMBER 22, 2022

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations concerning potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s patient right of access provision.

HIPAA 59

HIPAA US Department of Health and Human Services Compliance Health Insurance 59

HIPAA Journal

FEBRUARY 16, 2022

Philadelphia FIGHT Community Health Centers has recently announced it was the victim of a cyberattack on November 30, 2021. The information potentially compromised in the attack included names, dates of birth, Social Security numbers, medical diagnoses, treatment information, and health insurance information.

Electronic Medical Records 100

Electronic Medical Records Health Insurance Licensing HIPAA 100

HIPAA Journal

APRIL 15, 2022

The incident involved the exposure and potential theft of the protected health information of 318,400 patients, including names, addresses, birth dates patient account numbers, medical record numbers, health insurance information, testing, diagnostic, treatment, and claims information.

Electronic Medical Records 115

Electronic Medical Records HIPAA Health Insurance Fraud 115

HIPAA Journal

MARCH 4, 2022

Miami Lakes, FL-based Catholic Health Services has discovered the email accounts of three Catholic Hospice employees have been accessed by unauthorized individuals. Crossroads Health in Ohio has experienced a cyberattack that disrupted some of its IT systems. Bible Fellowship Church Homes, Inc.

Health Insurance 121

Health Insurance Licensing HIPAA 121

HIPAA Journal

NOVEMBER 9, 2023

Radiology Specialists into a large data breach that was reported in 2021 to determine whether it was caused by a failure to comply with the Health Insurance Portability and Accountability Act (HIPAA) and state laws. Radiology Specialists for $450,000 appeared first on HIPAA Journal.

HIPAA 56

HIPAA Health Insurance Licensing Compliance 56

HIPAA Journal

DECEMBER 1, 2022

Stanley Street Treatment and Resources Discloses October 2021 Data Breach. STAR), has recently announced a data breach that occurred more than a year ago in October 2021. An unauthorized individual was found to have gained access to its network and downloaded files containing the protected health information of 45,785 patients.

Health Insurance 101

Health Insurance Ransomware HIPAA Governance 101

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records 116

Electronic Medical Records Health Insurance Ransomware HIPAA 116

Compliancy Group

APRIL 11, 2022

In one of the largest breaches reported in 2022 so far, SuperCare Health suffered a hacking incident affecting 318,379 patients. The network intrusion was initially detected on July 27, 2021. However, it took SuperCare Health until February 2022 to discover the incident had potentially compromised that patient information.

US Department of Health and Human Services 98

US Department of Health and Human Services HIPAA Compliance Licensing 98

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The files exfiltrated from its systems included the protected health information of patients.

Ransomware 124

Ransomware Licensing Health Insurance Hospitals 124

HIPAA Journal

OCTOBER 6, 2022

Mon Health is facing a class action lawsuit over a hacking incident that allowed unauthorized individuals to gain access to its network for an 11-day period in December 2021. The lawsuit, which names Monongalia Health Systems Inc. and affiliated hospitals, Monongalia County General Hospital Co.,

HIPAA 92

HIPAA Fraud Hospitals Health Insurance 92