2022 and Licensing - Health Care Compliance Brief

One Brooklyn Health Notifies Patients About November 2022 Cyberattack

HIPAA Journal

APRIL 21, 2023

One Brooklyn Health System, which operates three hospitals in Brooklyn, NY, has started notifying patients affected by a November 19, 2022, cyberattack. Contact information then needed to be verified to allow breach notification letters to be mailed.

Health Insurance

Health Insurance Licensing HIPAA Hospitals

FDA Proposes National Licensing Standards for Wholesale Drug Distributors and Third?Party Logistics Providers

Hall Render

MAY 11, 2022

Earlier this year, the Food and Drug Administration (“FDA”) announced a Proposed Rule regarding national standards for the licensing of prescription drug wholesale distributors (“Wholesale Distributors”) and third-party logistics providers (“3PLs”). Interested stakeholders have until Monday, June 6, 2022 to submit their comments.

Licensing

Licensing FDA

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. In addition to the high number of data breaches, 2022 stands out for the sheer number of healthcare records breached, which currently stands at 49.8

HIPAA

HIPAA Ransomware Health Insurance Compliance

Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients

HIPAA Journal

JANUARY 5, 2023

Back in June 2022 , HIPAA Journal reported on a cyberattack on Fitzgibbon Hospital in Marshall, MO, after being contacted directly by a spokesperson for a threat group called DAIXIN Team, who claimed responsibility for the attack. Howard Memorial Hospital Announces December 2022 Cyberattack.

Ransomware

Ransomware Hospitals HIPAA Licensing

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

HIPAA Journal

SEPTEMBER 30, 2022

Physicians Business Office (PBO), a Parkersburg, WV-based provider of medical practice management and administrative services, has recently disclosed a security incident that occurred in April 2022. That process was completed on September 16, 2022, and notification letters were sent shortly thereafter.

Licensing

Licensing HIPAA Health Insurance

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

The administrative service provider said suspicious activity was detected within its network in early December 2022, and the forensic investigation confirmed on December 15, 2022, that an unauthorized third party accessed parts of its computer network where personal health information was stored.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

Valle de Sol did not state in its notification letters when hackers gained access to its network, or for how long they had access, but did confirm that the unauthorized activity was detected on January 25, 2022. A comprehensive review was conducted of all files that may have been accessed, which was completed on July 18, 2022.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Washington State Charity Care Requirements Expanded as of July 1, 2022

Hall Render

MAY 17, 2022

All acute care hospitals licensed under RCW 70.41 and all psychiatric hospitals licensed under RCW 71.12 The expanded requirements of the charity care law become effective July 1, 2022, but hospitals are required to take action prior to July 1, 2022, so that they can be in compliance as of the effective date.

Hospitals

Hospitals Licensing Medicaid Medicaid

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

According to the breach report filed with the Maine Attorney General, it took until October 3, 2022, to confirm that an unauthorized third party had accessed the email system, which included sensitive information of its members. Notification letters were sent to affected individuals on October 31, 2022.

HIPAA

HIPAA Licensing Health Insurance Fraud

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

The email system was immediately secured when the breach was detected with the forensic investigation confirming that two email accounts had been accessed by an unauthorized third party between January 12, 2022, and January 19, 2022. A limited number of patients also had financial account information exposed.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

DME Industry 2021 Year End Review & Looking Into 2022

Florida Health Care Law Firm

DECEMBER 10, 2021

Ancillary and newly related investigations have still been in full force in 2021, with no signs of slowing down in 2022. Continuous Glucose Monitor State License Requirements. Continuous Glucose Monitor State License Requirements. What to Expect in 2022. Don’t just survive in 2022, plan ahead and thrive.

Medicare

Medicare Medicare Telemedicine COVID-19

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

HIPAA Journal

NOVEMBER 23, 2022

The attack occurred between January 26 and January 28, 2022, and while the attack was detected by the firm’s endpoint security solution shortly after the ransomware was executed, it was not possible to prevent the encryption of certain files on its network.

Ransomware

Ransomware Fraud Licensing HIPAA

Radiology Associates of Albuquerque Notifies Patients About Security Breach That Started in December 2020

HIPAA Journal

OCTOBER 17, 2022

RAA said the review and cataloging of the affected files took until July 2022 to complete, then it took until September 2022 to verify up-to-date contact information. RAA explained in a substitute breach notice on its website that the delay in issuing notifications was due to the time taken to investigate the incident.

Licensing

Licensing HIPAA Health Insurance Medicaid

U.S. Vision Subsidiary and Florida Addiction Treatment Center Announce 2021 Data Breaches

HIPAA Journal

NOVEMBER 8, 2022

The information provided was validated and correct contact information was obtained, allowing individual notification letters to be sent. That process was completed on October 17, 2022. The types of information exposed varied from patient to patient. The post U.S.

Licensing

Licensing Health Insurance HIPAA

Important practice-points for pharmacists independently initiating and furnishing Paxlovid

Natalia Mazina

AUGUST 16, 2022

Recently – on July 6, 2022 – the FDA amended the Emergency Use Authorization (EUA) for Paxlovid, an orally-administered COVID-19 therapeutic drug. Recently – on July 6, 2022 – the FDA amended the Emergency Use Authorization (EUA) for Paxlovid, an orally-administered COVID-19 therapeutic drug.

COVID-19

COVID-19 Informed Consent FDA Licensing

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

HIPAA Journal

MARCH 4, 2022

The security incident was detected on January 18, 2022, with the subsequent investigation confirming unauthorized individuals had access to its systems between November 18, 2021, and January 18, 2022. On January 25, 2022, CVS Pharmacy determined certain accounts had been compromised.

Health Insurance

Health Insurance Licensing HIPAA

Data Breaches Reported by The Hutchinson Clinic & 90 Degree Benefits

HIPAA Journal

FEBRUARY 27, 2023

The Hutchinson Clinic Reports December 2022 Hacking Incident The Hutchinson, KS-based healthcare provider, The Hutchinson Clinic, has recently announced that hackers accessed its network between December 19, 2022, and December 22, 2022, and during that time, files containing patient data may have been accessed and stolen.

Licensing

Licensing HIPAA Health Insurance

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

On August 5, 2022, Anthem discovered that an unauthorized individual had gained access to a database and downloaded files containing plan members’ protected health information, including names, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, and Medicaid ID numbers.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Cyberattacks Reported by Heartland Alliance and CentraState Medical Center

HIPAA Journal

JANUARY 5, 2023

The Chicago, IL-based social justice and human rights organization, Heartland Alliance, announced on December 15, 2022, that it was the victim of a cyberattack. The security breach was discovered on January 26, 2022, and prompt action was taken to secure its systems to prevent further unauthorized access.

Licensing

Licensing HIPAA

Parker-Hannifin Cyberattack Affects Almost 120,000 Health Plan Members

HIPAA Journal

MAY 19, 2022

Suspicious activity was detected within its IT environment on March 14, 2022. The forensic investigation confirmed its systems were accessed by unauthorized individuals between March 11, 2022, and March 14, 2022. BHPMW is unaware of any attempted or actual misuse of the stolen information.

COVID-19

COVID-19 Health Insurance Licensing HIPAA

Indiana Abortion Law Injunction Limited in Scope

Hall Render

SEPTEMBER 23, 2022

This morning, September 22, 2022, Special Judge Kelsey B. 1 (SB 1) by members of the Medical Licensing Board of Indiana and Prosecutors from Hendricks, Lake, Marion, Monroe, St. The Plaintiffs operate or provide services at licensed, non-hospital abortion clinics in the aforementioned counties. Your primary Hall Render contact.

Licensing

Licensing Hospitals Governance

5 Security Breaches Reported in Which PHI was Potentially Compromised

HIPAA Journal

JUNE 24, 2022

On April 7, 2022, an employee responded to a phishing email and disclosed credentials for an email and messaging account. A limited number of individuals also had their Social Security numbers, driver’s license/state ID numbers, and/or financial account information exposed.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

HIPAA Journal

APRIL 18, 2022

According to the substitute breach notice on the Contra Costa County website, the email accounts contained information on employees and individuals who had previously contacted the County’s Employment and Human Services Department. numbers, financial account numbers, passport numbers, medical information, and/or health insurance information.

Licensing

Licensing HIPAA Health Insurance Hospitals

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

HIPAA Journal

APRIL 14, 2023

The Iowa Department of Health and Human Services (DHHS) has confirmed that the personal information of 20,800 Iowans who receive Medicaid was exposed in a cyberattack at a subcontractor of one of its business associates between June 30, 2022, and July 5, 2022.

Medicaid

Medicaid Medicaid Ransomware HIPAA

ProviderTrust, Inc. Celebrates 12-year Anniversary

Provider Trust

JULY 1, 2022

NASHVILLE, TN (July 2, 2022): In 2010, ProviderTrust, Inc. Together its managing partners, Chris Redhage, Michael Rosen, and Andrew Luers launched Passport, an automated exclusion monitoring and license verification solution for health systems. was founded with a vision to simplify healthcare compliance.

Licensing

Licensing Compliance

Multiple Email Accounts Compromised at Covenant Care California and Bergen’s Promise

HIPAA Journal

JUNE 29, 2022

Suspicious activity was detected in an employee’s email account in February 2022, with the subsequent investigation confirming multiple employee email accounts had been accessed between February 24 and March 22, 2022.

HIPAA

HIPAA Licensing Health Insurance Nurses

Activate Healthcare Reports Security Breach Affects Up to 93,761 Patients

HIPAA Journal

JUNE 30, 2023

On April 29, 2023, it was confirmed that files had been exfiltrated that included patient information such as names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses.

Licensing

Licensing Health Insurance Records Management HIPAA

NY Nursing Home Minimum Staffing Assessments Set to Begin

Healthcare Law Blog

JULY 5, 2023

The three minimum staffing requirements established under Public Health Law 2895-b are as follows: Beginning April 1, 2022, nursing homes were required to maintain at minimum daily average staffing hours equal to 3.5 No less than 2.2 HPRD (out of the 3.5 hours) must be provided by a CNA, and No less than 1.1 HPRD (out of the 3.5

Nursing Homes

Nursing Homes Nurses Compliance Licensing

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

HIPAA Journal

SEPTEMBER 28, 2022

Reiter Affiliated Companies Reports June 2022 Cyberattack. Reiter Affiliated Companies, the largest fresh, multi-berry producer in the world, has recently confirmed that an unauthorized third party gained access to its network between June 25, 2022, and July 4, 2022. SERV Behavioral Health System Confirms May 2022 Cyberattack.

Electronic Medical Records

Electronic Medical Records Ransomware Fraud HIPAA

Summer Health Launches Messaging-Based Pediatric Care to Combat the RSV, Flu, and COVID Tripledemic

HIT Consultant

NOVEMBER 29, 2022

. – Amid a growing pediatric-care crisis that has caused an overflow in emergency rooms and doctor’s offices across the country, Summer Health aims to help relieve the overwhelming burden and be the first point of contact for parents assessing which illnesses are truly urgent. .

Licensing

Licensing Doctors COVID-19

PHI Potentially Compromised in Security Incidents at Allwell Behavioral Health Services and WellDyneRx

HIPAA Journal

JUNE 2, 2022

The unauthorized access was detected on March 5, 2022, with the subsequent forensic investigation determining the system was breached on March 2, 2022. Steps have been taken to improve security to prevent similar attacks in the future.

Licensing

Licensing HIPAA Health Insurance

Data Breaches Reported by WV and CO Healthcare Providers and NJ Medical Billing Administrator

HIPAA Journal

APRIL 8, 2022

The email accounts were compromised between January 10 and 11, 2022. That review was completed on March 16, 2022. A comprehensive review was conducted on all files on its network that were potentially accessed or exfiltrated, then contact information was verified so that notifications could be issued.

Medical Billing

Medical Billing Licensing Health Insurance Medicaid

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

Telligen subcontracted part of that work to Independent Living Systems (ILS), where the data breach occurred in June and July 2022. Another breach was confirmed in April at one of its contractors, Telligen, Inc., which performs annual assessments for Medicaid members to ensure they are receiving the correct level of care.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

Data Breaches Reported by Physicians’ Spine and Rehabilitation Specialists of Georgia and One Medical Inc.

HIPAA Journal

SEPTEMBER 21, 2022

The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information has potentially been compromised in a cyberattack that occurred on or around July 11, 2022. The types of data in the files varied from individual to individual.

Licensing

Licensing HIPAA

Healthcare Data Breaches Continue to Rise

Healthcare Compliance Blog

MARCH 17, 2022

The cyberattack resulted in unauthorized data access of patient names, contact information, driver’s license numbers, Social Security numbers, birth dates, health insurance policy numbers, and limited health information. The second cyberattack occurred in January 2022 in a cardiology office.

Licensing

Licensing Health Insurance COVID-19 HIPAA

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

HIPAA Journal

NOVEMBER 28, 2022

The attack was detected on June 20, 2022, and third-party forensics experts were engaged to investigate the incident and determine the scope of the attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Norton Healthcare Facing Class Action Lawsuit Over BlackCat Cyberattack

HIPAA Journal

JULY 27, 2023

The stolen information included names, addresses, email addresses, dates of birth, Social Security numbers, government identification ID numbers, driver’s license numbers, payment/financial institution information, health insurance providers, medical treatment information, medical diagnoses, medications, medical images, and lab test results.

Ransomware

Ransomware Fraud Licensing Health Insurance

559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack

HIPAA Journal

JULY 4, 2023

ARx Patient Solutions Reports Email Account Breach from 2022 The Kansas-based healthcare provider, ARx Patient Solutions, has recently notified the Maine Attorney General about a security breach that has affected 41,116 individuals, including individuals who used the ARx Patient Solutions Pharmacy.

Medicaid

Medicaid Medicaid Health Insurance Licensing

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The investigation confirmed that an unauthorized individual gained access to a server that housed patient information such as names, contact information, birth dates, Social Security numbers, driver’s license numbers, limited health information, and/or health insurance policy numbers.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Health Provider News – May 20, 2022

Hall Render

MAY 20, 2022

Group home at center of Gilbert murder investigation fights to keep license to operate. California aims to tighten licensing of nursing homes after pandemic exposes deadly lapses. Michigan suspends contact tracing contract as COVID cases surge. Arizona endoscopy center to open in summer. By fixing a giant training bottleneck.

COVID-19

COVID-19 Nursing Homes Nurses Hospitals

Understanding the 2025 Medicare Part D Re-design: What You Need to Know

Innovaare Compliance

JANUARY 15, 2024

The Prescription Drug Program, commonly known as Medicare Part D, is undergoing significant transformations in 2025 due to the Inflation Reduction Act (IRA) of 2022. Contact Inovaare for expert guidance on navigating these transformations. These changes mark a pivotal shift from its original structure in 2006.

Medicare

Medicare Medicare Compliance FDA

Data Breaches Reported by Allegheny Health Network, St. Luke’s Health System, & Goldsboro Podiatry

HIPAA Journal

AUGUST 2, 2022

The breach occurred in May 2022 at Kaye-Smith, the health system’s billing vendor, and affected patients that were billed that month. The breach was discovered in June 2022 and was reported to St. Luke’s Health System on July 6, 2022. Goldsboro Podiatry was notified about the attack on May 20, 2022.

Electronic Medical Records

Electronic Medical Records Ransomware HIPAA Licensing

PREP Act Liability Coverage Extended to Pharmacists and Interns for Flu Vaccination

Hall Render

FEBRUARY 4, 2022

On January 5, 2022, the Department of Health and Human Services (“HHS”) published an amendment to its Declaration for medical countermeasures against COVID-19 (the “Declaration”) under the Public Readiness and Emergency Preparedness Act (“PREP Act”).

Licensing

Licensing COVID-19 Hospitals

19,000 Amazon PillPack Customer Accounts Compromised

HIPAA Journal

MAY 24, 2023

Suspicious network activity was detected by IMA on October 19, 2022. Up-to-date contact information then needed to be obtained, and notification letters started to be sent on April 19, 2023. The Wichita, KS-based integrated financial services company, IMA Financial Group, Inc.,

HIPAA

HIPAA Ransomware Licensing Governance

One Brooklyn Health Notifies Patients About November 2022 Cyberattack

FDA Proposes National Licensing Standards for Wholesale Drug Distributors and Third?Party Logistics Providers

Trending Sources

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Washington State Charity Care Requirements Expanded as of July 1, 2022

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

DME Industry 2021 Year End Review & Looking Into 2022

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

Radiology Associates of Albuquerque Notifies Patients About Security Breach That Started in December 2020

U.S. Vision Subsidiary and Florida Addiction Treatment Center Announce 2021 Data Breaches

Important practice-points for pharmacists independently initiating and furnishing Paxlovid

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

Data Breaches Reported by The Hutchinson Clinic & 90 Degree Benefits

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Cyberattacks Reported by Heartland Alliance and CentraState Medical Center

Parker-Hannifin Cyberattack Affects Almost 120,000 Health Plan Members

Indiana Abortion Law Injunction Limited in Scope

5 Security Breaches Reported in Which PHI was Potentially Compromised

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

ProviderTrust, Inc. Celebrates 12-year Anniversary

Multiple Email Accounts Compromised at Covenant Care California and Bergen’s Promise

Activate Healthcare Reports Security Breach Affects Up to 93,761 Patients

NY Nursing Home Minimum Staffing Assessments Set to Begin

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

Summer Health Launches Messaging-Based Pediatric Care to Combat the RSV, Flu, and COVID Tripledemic

PHI Potentially Compromised in Security Incidents at Allwell Behavioral Health Services and WellDyneRx

Data Breaches Reported by WV and CO Healthcare Providers and NJ Medical Billing Administrator

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

Data Breaches Reported by Physicians’ Spine and Rehabilitation Specialists of Georgia and One Medical Inc.

Healthcare Data Breaches Continue to Rise

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

Norton Healthcare Facing Class Action Lawsuit Over BlackCat Cyberattack

559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

Health Provider News – May 20, 2022

Understanding the 2025 Medicare Part D Re-design: What You Need to Know

Data Breaches Reported by Allegheny Health Network, St. Luke’s Health System, & Goldsboro Podiatry

PREP Act Liability Coverage Extended to Pharmacists and Interns for Flu Vaccination

19,000 Amazon PillPack Customer Accounts Compromised

Stay Connected