2021, HIPAA and Licensing - Health Care Compliance Brief

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Illinois Gastroenterology Group Settles 2021 Data Breach Lawsuit

HIPAA Journal

MARCH 31, 2023

Illinois Gastroenterology Group (IGG) has agreed to settle a class action lawsuit that stemmed from a 2021 data breach that exposed the protected health information of 227,943 patients. The post Illinois Gastroenterology Group Settles 2021 Data Breach Lawsuit appeared first on HIPAA Journal.

Licensing

Licensing HIPAA

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

PracticeMax said it identified suspicious activity within its network on May 1, 2021, and confirmed that ransomware was installed on its network. The two health insurance firms confirmed they had been affected in late February 2022, with PracticeMax publicly reporting the breach in the fall of 2021.

Ransomware

Ransomware Health Insurance Licensing HIPAA

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. On August 31, 2021, Bleeping Computer was made aware of the data leak and made multiple attempts to notify United Health Centers.

Ransomware

Ransomware HIPAA Licensing Governance

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

What is HIPAA Enforcement Discretion?

HIPAA Journal

JUNE 26, 2023

HIPAA enforcement discretion occurs when the Secretary for Health and Human Services (HHS) announces the Department will exercise discretion in the enforcement of HIPAA Rules. Typically, Notices of Enforcement Discretion last between 72 hours and 60 days, are state or region-specific and apply to specific provisions of the HIPAA Rules.

HIPAA

HIPAA COVID-19 COVID-19 Vaccine Public Health

U.S. Vision Subsidiary and Florida Addiction Treatment Center Announce 2021 Data Breaches

HIPAA Journal

NOVEMBER 8, 2022

Suspicious activity was detected within its network on May 12, 2021, with the forensic investigation confirming unauthorized individuals had access to its network for a month between April 20, 2021, and May 17, 2021. During that time, the attackers may have viewed or acquired sensitive patient data. The post U.S.

Licensing

Licensing Health Insurance HIPAA

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

Suspicious activity was detected within its email environment on December 16, 2021, passwords were changed to prevent further unauthorized access, and third-party cybersecurity experts were engaged to investigate the unauthorized activity. It is unclear why it took so long for the breach to be confirmed.

HIPAA

HIPAA Licensing Health Insurance Fraud

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. The accounts were compromised on October 19, 2021, as a result of employees responding to phishing emails.

HIPAA

HIPAA Health Insurance Licensing Hospitals

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

MAY 11, 2023

million settlement to resolve a class action lawsuit filed in response to a 2021 hacking incident in which the protected health information of 318,379 patients was compromised. Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. The Californian home care service provider, SuperCare, has proposed a $2.25

HIPAA

HIPAA Health Insurance Licensing Hospitals

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

Healthcare It News

MAY 12, 2023

AI virtual agents for billing The Seattle-based Outbound AI, founded in 2021, announced Tuesday it has expanded its cloud-powered PayerVA Console with generative AI that "augments human talent" while reducing billing specialist burden.

HIPAA

HIPAA Medical Billing FDA Licensing

New York Attorney General Settlements Garners $400,000

Compliancy Group

DECEMBER 22, 2023

On December 8, 2023, Healthplex, one of the largest dental administrators in New York state, settled a case with state regulators over a 2021 phishing incident. The Incident and Settlement In November 2021, an unknown attacker sent a phishing email to an employee of Healthplex. Become compliant today!

HIPAA

HIPAA Compliance Licensing

SQA Regulatory Surveillance Summary 4 | Monthly Update 2021

SQA

JUNE 10, 2021

SQA Regulatory Surveillance Summary #4, 2021. Brazilian Regulators Update Economic Monitoring Requirements for Some Medical Devices, 26 March 2021. The new regulation takes effect on 01 April 2021. ANVISA: The Advances of 2020 in Regulatory Quality Improvement, 31 March 2021.

FDA

FDA COVID-19 COVID-19 Vaccine Compliance

Dental Health Management Solutions Notified Patients About Historic Data Breach

HIPAA Journal

MARCH 6, 2023

Cedar Park, TX-based Dental Health Management Solutions (DHMS), a provider of dental services to the government/military and private patients has recently announced – via its legal counsel – that the protected health information of certain patients was exposed in a 2021 hacking incident.

Electronic Medical Records

Electronic Medical Records HIPAA Licensing Nurses

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. The attackers compromised FCHC’s old dental system which contained the PHI of patients who had received dental services prior to August 31, 2020.

Ransomware

Ransomware Hospitals Licensing HIPAA

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021.

Ransomware

Ransomware Licensing Health Insurance Hospitals

SuperCare Health Hack Affects 300K Patients

Compliancy Group

APRIL 11, 2022

The network intrusion was initially detected on July 27, 2021. In a statement on SuperCare Health’s website, they provided details regarding the hacking incident, “On July 27, 2021, we discovered unauthorized activity on our systems. Let’s Simplify Compliance HIPAA and cybersecurity go hand-in-hand. Learn More! ×

US Department of Health and Human Services

US Department of Health and Human Services HIPAA Compliance Licensing

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. An employee was discovered to have accessed the medical records of several patients without authorization between October 2021 and May 2022, when there was no legitimate work reason for viewing those records. Family Practice Center Reports October 2021 Hacking Incident.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

Cyberattack on SuperCare Health Affects 318,000 Patients

HIPAA Journal

APRIL 7, 2022

SuperCare Health, a Downey, CA-based post-acute, in-home respiratory care provider serving the Western United States, has recently started notifying 318,379 patients that some of their protected health information has been exposed and potentially accessed by unauthorized individuals in a cyberattack that occurred in July 2021.

Licensing

Licensing HIPAA Health Insurance Hospitals

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

FEBRUARY 16, 2023

The Nashville, TN-based health system, Advent Health Partners, has proposed a $500,000 settlement to resolve claims related to a September 2021 data breach involving the protected health information of 61,072 patients. Advent Health Partners detected a breach of its email environment in early September 2021.

HIPAA

HIPAA Fraud Licensing Health Insurance

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

HIPAA Journal

MARCH 14, 2022

Capital Region Medical Center (CRMC) in Jefferson City, MO has recently confirmed patient information was accessed by unauthorized individuals in a December 2021 cyberattack that took its network and phone systems offline for several days. The attack was detected on December 17, 2021, when network systems were disrupted.

Electronic Medical Records

Electronic Medical Records Health Insurance HIPAA Licensing

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

HIPAA Journal

FEBRUARY 16, 2022

Philadelphia FIGHT Community Health Centers has recently announced it was the victim of a cyberattack on November 30, 2021. The post 15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack appeared first on HIPAA Journal. They started to be notified on January 6, 2022.

Electronic Medical Records

Electronic Medical Records Health Insurance Licensing HIPAA

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

HIPAA Journal

APRIL 18, 2022

NRH explained on its website that a limited number of employee email accounts were accessed by unauthorized individuals over a period of 10 months in 2021 between January 26, 2021, and November 23, 2021. The types of information exposed included names, Social Security numbers, driver’s license numbers, state-issued I.D.

Licensing

Licensing HIPAA Health Insurance Hospitals

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

HIPAA Journal

MARCH 23, 2022

New Jersey Brain and Spine (NJBS) has recently announced it was the victim of a cyberattack on or around November 16, 2021, that encrypted data on its network. and Dialyze Direct appeared first on HIPAA Journal. Notification letters were sent to affected individuals on March 10, 2022. Highmark Inc.,

HIPAA

HIPAA Licensing Health Insurance Governance

SuperCare Health Sued Over 318,000-Record Data Breach

HIPAA Journal

APRIL 15, 2022

A subset of individuals also had their Social Security numbers and/or driver’s license numbers exposed. SuperCare Health said unauthorized individuals had access to its network between July 23, 2021, to July 27, 2021, but did not disclose the nature of the cyberattack.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Fraud

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Bill of Health

JUNE 5, 2023

medical licensing exam , diagnose illnesses , and even outshine human doctors on measures of perceived empathy , raising many questions about how AI will reshape health care as we know it. In the field of medicine, ChatGPT already has been reported to ace the U.S. But what happens when AI gets things wrong?

Malpractice

Malpractice FDA HIPAA Doctors

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

HIPAA Journal

MARCH 4, 2022

The security incident was detected on January 18, 2022, with the subsequent investigation confirming unauthorized individuals had access to its systems between November 18, 2021, and January 18, 2022. dba Fellowship Community in Whitehall, PA, has recently announced it was the victim of a cyberattack that was detected on August 6, 2021.

Health Insurance

Health Insurance Licensing HIPAA

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

HIPAA Journal

DECEMBER 30, 2022

A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health Data Incident Litigation – to resolve all claims related to its 2021 ransomware attack. Settlement to Resolve Class Action Ransomware Lawsuit appeared first on HIPAA Journal. The post Scripps Health Proposes $3.5M

Ransomware

Ransomware HIPAA Licensing Doctors

New York AG Settles Data Breach Investigation of U.S. Radiology Specialists for $450,000

HIPAA Journal

NOVEMBER 9, 2023

Radiology Specialists into a large data breach that was reported in 2021 to determine whether it was caused by a failure to comply with the Health Insurance Portability and Accountability Act (HIPAA) and state laws. On January 22, 2021, SonicWall alerted its customers about a coordinated cyberattack on its internal systems.

HIPAA

HIPAA Health Insurance Licensing Compliance

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

HIPAA Journal

DECEMBER 12, 2022

Receivables Performance Management (RPM) in Lynnwood, WA, a business associate of several HIPAA-covered entities, has recently started notifying individuals affected by a 2021 ransomware attack. The incident was detected on May 12, 2021, with the investigation confirming its systems were first breached on April 8, 2021.

HIPAA

HIPAA Hospitals Ransomware Licensing

Umass Memorial Health Proposes $1.2 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

FEBRUARY 14, 2023

Hackers gained access to Umass Memorial Health’s email environment between June 24, 2020 and January 7, 2021, as a result of responses to phishing emails. Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. Claims for the benefits or cash payment must be submitted by April 14, 2023.

Fraud

Fraud Licensing Health Insurance HIPAA

Email Accounts Compromised at BJC HealthCare & Cooper University Health Care

HIPAA Journal

MAY 31, 2022

A limited number of patients also had their health insurance information, driver’s license numbers, and/or Social Security numbers exposed. Camden, NJ-based Cooper University Health Care announced on May 25, 2022, that the email account of an employee was accessed by an unauthorized individual on November 24, 2021.

Licensing

Licensing HIPAA Health Insurance

Radiology Associates of Albuquerque Notifies Patients About Security Breach That Started in December 2020

HIPAA Journal

OCTOBER 17, 2022

RAA said suspicious activity was detected within its environment in August 2021. The forensic investigation confirmed that unauthorized individuals had access to certain systems between July 22, 2021, and August 3, 2021, and copied files from its network that contained patient data.

Licensing

Licensing HIPAA Health Insurance Medicaid

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Further information on the data breach has now been obtained.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The post Electromed Proposes $825,000 Class Action Data Breach Settlement appeared first on HIPAA Journal.

Ransomware

Ransomware Fraud Licensing Health Insurance

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

HIPAA Journal

APRIL 1, 2022

On January 24, 2022, SRHD announced that an employee email account had been compromised on December 21, 2021. Between June 24, 2021, and July 2, 2021, emails and attachments in a Ciox Health employee’s email account were downloaded by an unauthorized individual.

Fraud

Fraud HIPAA Licensing Health Insurance

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

HIPAA Journal

MARCH 10, 2023

The lawsuit also takes issue with the delay in notifications, which were sent almost 9 months after the breach was detected, when the HIPAA Breach Notification Rule requires notifications to be issued within 60 days of the discovery of a data breach. Izquierdo claims he has been told he must pay the interest accrued on those cards.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

HIPAA Journal

DECEMBER 19, 2022

A review of the files on the compromised servers confirmed that protected health information such as patient names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, and diagnosis and treatment information had been exposed.

Fraud

Fraud Licensing HIPAA Health Insurance

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

Individuals who had their Social Security numbers or driver’s license numbers exposed have been offered complimentary credit monitoring and identity theft protection services. The breach occurred in early December 2021 and was detected when the account was used to send spam emails. million individuals have potentially been compromised.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Illinois Gastroenterology Group Settles 2021 Data Breach Lawsuit

Trending Sources

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

What is HIPAA Enforcement Discretion?

U.S. Vision Subsidiary and Florida Addiction Treatment Center Announce 2021 Data Breaches

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Editorial: Lessons from Biggest HIPAA Breaches of 2022

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

New York Attorney General Settlements Garners $400,000

SQA Regulatory Surveillance Summary 4 | Monthly Update 2021

Dental Health Management Solutions Notified Patients About Historic Data Breach

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

SuperCare Health Hack Affects 300K Patients

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Cyberattack on SuperCare Health Affects 318,000 Patients

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

SuperCare Health Sued Over 318,000-Record Data Breach

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

New York AG Settles Data Breach Investigation of U.S. Radiology Specialists for $450,000

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

Umass Memorial Health Proposes $1.2 Million Settlement to Resolve Data Breach Lawsuit

Email Accounts Compromised at BJC HealthCare & Cooper University Health Care

Radiology Associates of Albuquerque Notifies Patients About Security Breach That Started in December 2020

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Electromed Proposes $825,000 Class Action Data Breach Settlement

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

Stay Connected