2021, Licensing and Ransomware - Health Care Compliance Brief

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware

Ransomware Health Insurance Licensing HIPAA

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. On August 31, 2021, Bleeping Computer was made aware of the data leak and made multiple attempts to notify United Health Centers.

Ransomware

Ransomware HIPAA Licensing Governance

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

HIPAA Journal

DECEMBER 30, 2022

A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health Data Incident Litigation – to resolve all claims related to its 2021 ransomware attack. The ransomware attack has proven to be incredibly costly for Scripps Health. The post Scripps Health Proposes $3.5M

Ransomware

Ransomware HIPAA Licensing Doctors

Four Healthcare Providers Hit with Ransomware Attacks

HIPAA Journal

MARCH 1, 2022

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals. 2021, and successfully encrypted files on its network and servers. Jax Spine & Pain Centers.

Ransomware

Ransomware Licensing HIPAA Health Insurance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021.

Ransomware

Ransomware Licensing Health Insurance Hospitals

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack.

Ransomware

Ransomware Hospitals Licensing HIPAA

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. According to the notification letters, the attack was detected on November 24, 2021, when files on its systems were encrypted. Lifespan Services Suffers Ransomware Attack.

Ransomware

Ransomware Fraud HIPAA Licensing

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

HIPAA Journal

MARCH 30, 2022

have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. LEHB) has recently announced that it was the victim of a ransomware attack that was detected on September 14, 2021.

Ransomware

Ransomware Electronic Medical Records Licensing HIPAA

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware

Ransomware Fraud HIPAA Licensing

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware

Ransomware Fraud Licensing Health Insurance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA

HIPAA Ransomware Health Insurance Fraud

HC3 Issues HPH Sector Alert Following Suspected Clop Cyberattacks

HIPAA Journal

FEBRUARY 23, 2023

The attacks have prompted the Health Sector Cybersecurity Coordination Center (HC3) to issue a further warning about the Clop ransomware group, which claimed responsibility for the attacks. In these attacks, the group said it could have deployed ransomware but chose not to do so, instead opting for an extortion-only approach.

Ransomware

Ransomware Licensing Public Health HIPAA

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. According to the May 22, 2023, breach notice, the incidents occurred in 2021. The attack did not affect patient care but prevented access to its systems while the attack was remediated.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Suffers Ransomware Attack. Wheeling Health Right Inc.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

HIPAA Journal

AUGUST 8, 2022

Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their protected health information was stolen prior to data being encrypted with ransomware and some of the stolen data has been published on the gang’s dark web data leak site.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Bricker & Eckler Agrees to Settle Class Action Data Breach Lawsuit for $1.95M

HIPAA Journal

SEPTEMBER 20, 2022

The Ohio law firm, Bricker & Eckler LLP, has agreed to settle a class action data breach lawsuit filed on behalf of individuals affected by a 2021 ransomware attack on the firm. The attackers had access to its systems from January 14 to January 31, 2021.

Ransomware

Ransomware Licensing HIPAA

Hacking Incidents Reported by Illinois Gastroenterology Group & the Mental Health Center of Greater Manchester

HIPAA Journal

MAY 9, 2022

The cyberattack was detected on October 22, 2021, when suspicious activity was identified within its computer network. While the security breach was not confirmed as involving ransomware, Illinois Gastroenterology said a new endpoint detection and response platform has been deployed that has policies enabled specifically for ransomware.

Ransomware

Ransomware Licensing HIPAA

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. The email accounts were discovered to have been compromised between December 6, 2021, and January 3, 2022. No other systems were compromised.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

5 Security Breaches Reported in Which PHI was Potentially Compromised

HIPAA Journal

JUNE 24, 2022

A limited number of individuals also had their Social Security numbers, driver’s license/state ID numbers, and/or financial account information exposed. Patient Data Stolen in Ransomware Attack on Heartland Healthcare Services. Atrium Health said there have been no reported cases of misuse of patient data.

Ransomware

Ransomware Licensing HIPAA Health Insurance

4 Data Security Challenges for Healthcare Organizations in 2022

HIT Consultant

DECEMBER 21, 2022

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. million in 2021. Recent Data Breaches: – November 2022: Ransomware Hacker Steals Medibank Data on 9.7m

Ransomware

Ransomware HIPAA Health Insurance Governance

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

HIPAA Journal

DECEMBER 12, 2022

Receivables Performance Management (RPM) in Lynnwood, WA, a business associate of several HIPAA-covered entities, has recently started notifying individuals affected by a 2021 ransomware attack. The incident was detected on May 12, 2021, with the investigation confirming its systems were first breached on April 8, 2021.

HIPAA

HIPAA Hospitals Ransomware Licensing

California Department of Corrections and Rehabilitation Hack Exposed Sensitive Data

HIPAA Journal

AUGUST 23, 2022

Some of the exposed data included Social Security Numbers, driver’s license numbers, and trust account information. The investigation did not confirm when the system was first compromised; however suspicious activity was identified in a file transfer system dating back to December 2021.

COVID-19

COVID-19 Ransomware Licensing HIPAA

Editorial: Why Do Criminals Target Medical Records

HIPAA Journal

OCTOBER 14, 2022

2021 saw 714 data breaches of 500 or more records reported to the OCR – an 11% increase from the previous year. These full record sets are often sold on dark web sites to other criminals who use the data to obtain documentation such as Social Security cards, driver’s license numbers, and passports.

Ransomware

Ransomware HIPAA Health Insurance Hospitals

5 Healthcare Providers Suffer PHI Breaches

HIPAA Journal

MAY 18, 2023

The review of the affected files confirmed they contained information such as names, date of birth, addresses, phone numbers, email addresses, driver’s license numbers, Social Security numbers, diagnoses, disability codes, Medicare ID numbers, and health plan carrier information.

Ransomware

Ransomware HIPAA Licensing Medicare

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

A limited number of individuals have also had their Social Security numbers, driver’s license information, and/or financial account or credit card information exposed. Ransomware Attack Affects 28,000 FPS Medical Center Patients. NuLife said no reports have been received to date to indicate any patient information has been misused.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Affected providers started to be notified in March that hackers had gained access to its databases in December 2021. Million Records.

HIPAA

HIPAA Ransomware Health Insurance Compliance

19,000 Amazon PillPack Customer Accounts Compromised

HIPAA Journal

MAY 24, 2023

Northwest Health – La Porte Impacted by Fortra GoAnywhere Hack Northwest Health – La Porte in Indiana has recently confirmed that the protected health information of 10,256 patients was compromised in the Clop ransomware group’s series of attacks between January 28, 2023, and January 30, 2023.

HIPAA

HIPAA Ransomware Licensing Governance

EMPI/MPI: An End-to-End Approach to Patient Data Integrity

HIT Consultant

AUGUST 19, 2022

The FBI’s 2021 Internet Crime Report revealed that the healthcare sector dealt with the most ransomware attacks in 2021 of any critical infrastructure sector, with the Internet Crime Complaint Center (IC3) receiving 148 complaints of healthcare ransomware attacks.

Ransomware

Ransomware Public Health COVID-19 Licensing

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

HIPAA Journal

SEPTEMBER 28, 2022

Wolfe Clinic used the myCare Integrity medical records platform, which was accessed by an unauthorized party on or around December 4, 2021, who deleted databases and system configuration files. The Hive ransomware gang claimed responsibility for the attack.

Electronic Medical Records

Electronic Medical Records Ransomware Fraud HIPAA

St. Luke’s Health Reports Third Party Data Breach

HIPAA Journal

NOVEMBER 7, 2022

On November 5, 2021, the email accounts of two employees of Adelanto Healthcare Ventures (AHCV) were accessed by an unauthorized individual. Luke’s Health is currently recovering from a ransomware attack on its parent company, CommonSpirit Health, that occurred more than a month ago.

Electronic Medical Records

Electronic Medical Records Ransomware HIPAA Licensing

Differences Between Small and Large Healthcare Organizations on Security

HIPAA Journal

APRIL 4, 2022

The survey was conducted on 130 small practices with 5 or fewer licensed providers and 129 large practices with six or more providers to understand the security issues they face and the measures each group has taken to protect against cyberattacks and data breaches. By far the biggest cause of data breaches was human error.

HIPAA

HIPAA Ransomware Licensing

Few Victims of Healthcare Data Breaches Take Advantage of Free Credit Monitoring Services

HIPAA Journal

FEBRUARY 9, 2023

In 2022, 22% of the data breaches investigated by Kroll occurred at healthcare organizations, up from 16% in 2021 – a year-over-year increase of 38%. While financial data is valuable to cybercriminals and is often misused, data breaches at healthcare organizations also put victims at risk.

Fraud

Fraud Ransomware HIPAA Licensing

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware

Ransomware HIPAA Fraud Hospitals

Ransomware Attacks Announced by Maternal & Family Health Services and Retreat Behavioral Health

HIPAA Journal

JANUARY 9, 2023

Maternal & Family Health Services in Eastern Pennsylvania has recently notified certain patients about an April 4, 2022, ransomware attack in which sensitive patient data was exposed. Retreat Behavioral Health Ransomware Attack Affects Up to 23,620 Patients. Notifications were sent to affected individuals on January 3, 2023.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Recap of AHLA’s Annual Meeting

Healthcare Law Blog

JULY 5, 2022

As always, with technology comes data, and experts weighed in on issues like data use, licensing, aggregation, new rules on information blocking, ransomware attacks/cyber insurance, and preparing for disasters, whether natural or human-made. Regulatory and Enforcement Environment.

Fraud

Fraud Governance Ransomware Licensing

Health Provider News – September 16, 2022

Hall Render

SEPTEMBER 16, 2022

billion in profit in 2021. Health care industry in Nebraska ‘thankful’ after licensing backlog averted. Aaron Weismann on ransomware attacks. Anesthesiologist’s license suspended; Incidents at surgery center under review. Ransomware gang threatens 1m-plus medical record leak. CONNECTICUT. NEW JERSEY.

US Department of Health and Human Services

US Department of Health and Human Services COVID-19 Nurses Nursing Homes

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

Trending Sources

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

Four Healthcare Providers Hit with Ransomware Attacks

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

Electromed Proposes $825,000 Class Action Data Breach Settlement

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HC3 Issues HPH Sector Alert Following Suspected Clop Cyberattacks

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

Bricker & Eckler Agrees to Settle Class Action Data Breach Lawsuit for $1.95M

Hacking Incidents Reported by Illinois Gastroenterology Group & the Mental Health Center of Greater Manchester

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

5 Security Breaches Reported in Which PHI was Potentially Compromised

4 Data Security Challenges for Healthcare Organizations in 2022

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

California Department of Corrections and Rehabilitation Hack Exposed Sensitive Data

Editorial: Why Do Criminals Target Medical Records

5 Healthcare Providers Suffer PHI Breaches

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

Editorial: Lessons from Biggest HIPAA Breaches of 2022

19,000 Amazon PillPack Customer Accounts Compromised

EMPI/MPI: An End-to-End Approach to Patient Data Integrity

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

St. Luke’s Health Reports Third Party Data Breach

Differences Between Small and Large Healthcare Organizations on Security

Few Victims of Healthcare Data Breaches Take Advantage of Free Credit Monitoring Services

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

Ransomware Attacks Announced by Maternal & Family Health Services and Retreat Behavioral Health

Recap of AHLA’s Annual Meeting

Health Provider News – September 16, 2022

Stay Connected