HIPAA Journal

JUNE 20, 2023

May 2023 was a particularly bad month for healthcare data breaches. More healthcare records have been breached in the first 5 months of 2023 (36,437,539 records) than in all of 2020 (29,298,012 records). The Money Message ransomware group exfiltrated 4.7 This was also a ransomware attack with data theft confirmed.

Ransomware 93

Ransomware HIPAA Compliance Health Insurance 93

Compliancy Group

MARCH 17, 2023

Many factors over the past year have affected how your organization meets its healthcare compliance obligations. Here are four healthcare compliance issues you must have on your radar. Public Health Emergency will end on May 11, 2023. The FBI reported at least 210 healthcare-related ransomware complaints in 2022.

Compliance 52

Compliance HIPAA Public Health Ransomware 52

HIT Consultant

MARCH 13, 2024

Investigation Focuses on HIPAA Compliance The OCR enforces the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules. However, the agency reminds them of their obligations under HIPAA, including: Maintaining valid business associate agreements with Change Healthcare.

Ransomware 116

Ransomware HIPAA Compliance Health Insurance 116

HIT Consultant

APRIL 29, 2024

In 2023, the healthcare industry faced its toughest year, with over 124 million health records breached in a total of 725 hacking incidents, according to The HIPAA Journal. Jim Broome, President and CTO, DirectDefense It’s not a matter of if but when an organization will face a security incident.

Ransomware 119

Ransomware HIPAA Compliance Hospitals 119

HIPAA Journal

APRIL 20, 2023

Healthcare Data Breaches Reported in March 2023 In March, 63 breaches of 500 or more records were reported to OCR, which is a 46.51% increase from February, 6.92% more than the 12-month average, and 40% more breaches than in March 2022. Malicious actors continue to use ransomware in their attacks on healthcare organizations.

US Department of Health and Human Services 98

US Department of Health and Human Services Ransomware HIPAA Hospitals 98

Healthcare IT Today

DECEMBER 13, 2023

The following is a guest article by Dotty Bollinger, JD, Healthcare Compliance Consultant, Compliancy Group The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reached a settlement with Doctors’ Management Services after the healthcare vendor succumbed to a ransomware attack.

Compliance 95

Compliance Ransomware Regulatory Compliance HIPAA 95

HIPAA Journal

MAY 23, 2023

Largest Healthcare Data Breaches Reported in April 2023 As previously mentioned, April saw a major data breach reported that affected 3,037,303 individuals – The third largest breach to be reported by a single HIPAA-covered entity so far this year, and the 19 th largest breach to be reported by a single HIPAA-regulated entity to date.

Ransomware 97

Ransomware HIPAA Medicaid Medicaid 97

HIPAA Journal

MAY 18, 2023

The Department of Health and Human Services’ Office for Civil Rights is the main enforcer of HIPAA compliance; however, state Attorneys General also play a role in enforcing compliance with the Rules of the Health Insurance Portability and Accountability Act (HIPAA). in 2011 that was settled for $100,000.

HIPAA 94

HIPAA Compliance Ransomware Hospitals 94

HIPAA Journal

JULY 20, 2023

In June, HIPAA-regulated entities reported 66 breaches, and while this was an improvement on the 73 breaches reported in June 2022, the month’s total is still well above the 12-month average of 58 data breaches a month. In H1 2023, 41,452,622 healthcare records were exposed or impermissibly disclosed.

HIPAA 91

HIPAA Ransomware Hospitals Compliance 91

HIPAA Journal

FEBRUARY 22, 2023

Largest Healthcare Data Breaches in January 2023 In January there were 13 data breaches involving 10,000 or more records, 8 of which involved hacked network servers and email accounts. Healthcare providers were the worst affected HIPAA-covered entity with 31 reported data breaches and 5 data breaches were reported by health plans.

HIPAA 106

HIPAA Ransomware Hospitals Compliance 106

HIPAA Journal

JANUARY 30, 2023

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching.

US Department of Health and Human Services 81

US Department of Health and Human Services HIPAA Compliance Medicaid 81

Compliancy Group

DECEMBER 14, 2023

New York has already set aside $500 million for compliance efforts that hospitals across the state can apply to receive a share of. According to a press release published by the Department of Health and Human Services Office for Civil Rights (OCR), ransomware and hacking are healthcare’s primary cyberthreats.

Compliance 52

Compliance Hospitals US Department of Health and Human Services Electronic Medical Records 52

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents. The post Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG appeared first on HIPAA Journal.

HIPAA 85

HIPAA Ransomware Health Insurance Fraud 85

HIPAA Journal

AUGUST 21, 2023

The figures this month bring the running breach total for 2023 up to 395 incidents, across which the records of 59,569,604 individuals have been exposed or stolen. The average breach size for 2023 is 150,809 records and the median breach size is 4,209 records. Over the past 12 months, more than 81.76 million and 47.6

Ransomware 79

Ransomware HIPAA Medicare Medicare 79

HIPAA Journal

APRIL 23, 2024

March was a particularly bad month for healthcare data breaches with 93 branches of 500 or more records reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), a 50% increase from February and a 41% year-over-year increase from March 2023. of all records compromised in March.

Ransomware 112

Ransomware HIPAA Hospitals Nurses 112

HIPAA Journal

MARCH 22, 2023

Largest Healthcare Data Breaches Reported in February 2023 17 healthcare data breaches of 10,000 or more records were reported in February, all of which were hacking incidents. This was a ransomware attack with confirmed data theft and was, at the time of reporting, the largest data healthcare data breach of the year.

Ransomware 75

Ransomware HIPAA Nurses Hospitals 75

HIPAA Journal

MAY 2, 2024

By far the most common cause of security incidents in 2023 was network intrusions, which accounted for 51% of security incidents the law firm helped to manage, followed by business email compromise incidents (26%), and inadvertent disclosures (26%). 27% of attacked companies paid a ransom in 2023, compared to 40% in 2022.

HIPAA 88

HIPAA Ransomware Compliance 88

Total HIPAA

JUNE 28, 2023

You may have been wondering if this means you’ll have to do something about “HIPAA”. This means you need to be HIPAA compliant as an employer. HIPAA compliance means having a plan. Here are three common pitfalls to look out for in your HIPAA Compliance Plan: 1.

HIPAA 52

HIPAA Compliance Officers Compliance Ransomware 52

HIT Consultant

JANUARY 3, 2023

With the advent of ransomware-as-a-service combined with a lack of resources to investigate attacks in-house for healthcare organizations, elaborate and devastating cyber attacks against healthcare, specifically through business communication channels are likely to increase in scale and sophistication. . Jumping Over the Compliance Hurdle.

Compliance 52

Compliance Ransomware Fraud Regulatory Compliance 52

HIPAA Journal

APRIL 28, 2023

Healthcare hacking incidents are increasing, there are new regulatory requirements and compliance initiatives due to Dobbs and Pixel use, and lawsuits against healthcare organizations over privacy violations are soaring. That surge has coincided with increases in ransom demands, paid ransoms, and ransomware recovery times.

HIPAA 97

HIPAA Ransomware Compliance Hospitals 97

Compliancy Group

NOVEMBER 1, 2023

This is the first ransomware agreement OCR has reached. The Attack and the Settlement After filing a breach report with OCR in 2019 reporting a ransomware attack that compromised the protected health information (PHI) of 206,695 patients, the OCR launched an investigation into the BA’s HIPAA compliance.

Ransomware 52

Ransomware HIPAA Compliance Doctors 52

Healthcare IT Today

SEPTEMBER 16, 2023

Ransomware attacks in healthcare seem to make headlines every day – and it’s because criminals know organizations are vulnerable and willing to pay, according to Steven Stone at Rubrik. Bolstering cybersecurity means having a clear view of your data, reducing the spread of key data, and going beyond just what compliance requires.

Ransomware 95

Ransomware HIPAA Compliance Hospitals 95

Health Law RX

DECEMBER 21, 2023

Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity vulnerabilities as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA Rules).

HIPAA 52

HIPAA Ransomware Compliance Medicaid 52

Compliancy Group

MARCH 23, 2023

A class-action lawsuit stemming from a February 2023 healthcare data breach in Pennsylvania further illustrates the need for an effective HIPAA compliance strategy, including data security and controls. Make Sure You’re HIPAA Compliant HIPAA and cybersecurity go hand-in-hand. Attorney’s Office.

Ransomware 52

Ransomware HIPAA Compliance Hospitals 52

HIPAA Journal

JANUARY 24, 2023

Time will tell whether this trend will continue in 2023, although the lull in data breaches appears to have continued so far this year with an atypically low number of breaches currently showing on the OCR data breach portal this month. million in 2023, although data breaches can be significantly more expensive.

Ransomware 113

Ransomware HIPAA Hospitals Fraud 113

AIHC

MARCH 12, 2024

Please read other AI articles published by the American Institute of Healthcare Compliance regarding how AI can advance quality of care, how AI is regulated, use of AI and HIPAA privacy/security, to name a few topics. appeared first on American Institute of Healthcare Compliance. How does it work?

Ransomware 59

Ransomware Governance Compliance HIPAA 59

AIHC

MARCH 12, 2024

Please read other AI articles published by the American Institute of Healthcare Compliance regarding how AI can advance quality of care, how AI is regulated, use of AI and HIPAA privacy/security, to name a few topics. appeared first on American Institute of Healthcare Compliance. How does it work?

Ransomware 52

Ransomware Governance Compliance HIPAA 52

HIPAA Journal

MAY 1, 2024

CommonSpirit Health suffered a ransomware attack on October 2, 2022, that affected more than 100 CommonSpirit Health facilities across the United States. The post Federal Judge Tosses CommonSpirit Health Data Breach Lawsuit Due to Lack of Standing appeared first on HIPAA Journal. One of those lawsuits, Bonnie Maser v. Leineweber.

Fraud 97

Fraud Ransomware HIPAA Health Insurance 97

HIPAA Journal

JULY 24, 2023

The 2023 IBM Security Cost of a Data Breach Report shows the average data breach cost has increased to $4.45 All data breaches studied for the report occurred between March 2022 and March 2023. In 2023, the average detection (204 days) and containment (73 days) time was 277 days. million, up 0.4% from last year. There was a 21.4%

Ransomware 73

Ransomware HIPAA Compliance 73

MedTrainer

MARCH 19, 2023

Today’s climate of healthcare cybersecurity risks has many organizations feeling vulnerable and ill-prepared to address the daily threats and ongoing compliance requirements. There are distinct advantages to sharing patient information , but it means everyone in the healthcare organization plays a role, including compliance teams.

HIPAA 52

HIPAA Compliance Ransomware 52

YouCompli

JULY 3, 2023

“On the penalty side, we have issues like ransomware, which is rampant,” Scavotto says.   “In healthcare, we have to conduct a HIPAA security risk analysis as well as invest in cybersecurity so that we don’t lose access to data or have a breach. Patients’ expectations of privacy exceed what HIPAA requires.

Compliance 52

Compliance Compliance Officers HIPAA Ransomware 52

AIHC

NOVEMBER 6, 2023

The focus of this article is to “connect the dots” between Health Insurance Portability & Accountability Act (HIPAA) and HITECH regarding privacy and security of electronically protected health information (ePHI). HITECH puts a “bite” into specific elements of the HIPAA rule, such as higher penalty amounts for non-compliance.

HIPAA 59

HIPAA Compliance Governance Health Insurance 59

Compliancy Group

MAY 4, 2023

In late April 2023, Aspen Dental announced that it was the victim of a cyberattack that shut down its appointment scheduling systems, phone systems, and other business applications. Breaches often result in HIPAA fines when practices fail to implement an effective HIPAA compliance program. Get HIPAA compliant today!

ADA 52

ADA HIPAA Compliance Ransomware 52

AIHC

NOVEMBER 6, 2023

The focus of this article is to “connect the dots” between Health Insurance Portability & Accountability Act (HIPAA) and HITECH regarding privacy and security of electronically protected health information (ePHI). HITECH puts a “bite” into specific elements of the HIPAA rule, such as higher penalty amounts for non-compliance.

HIPAA 52

HIPAA Compliance Governance Health Insurance 52

HIT Consultant

AUGUST 13, 2023

billion in 2023. Those disparate systems make it difficult for MSPs to identify the potential for an attack and remediate vulnerabilities before cybercriminals can access sensitive data or deploy ransomware. Ransomware. Legacy systems. These outdated systems may be too expensive to upgrade or have compatibility issues.

Ransomware 98

Ransomware Fraud Health Insurance Public Health 98

Compliancy Group

JULY 20, 2023

The audacious breach was discovered on May 31, 2023, when the hospital’s vigilant security team detected suspicious activity within their digital halls. It appears this was no ordinary plundering but rather an attempted ransomware attack. Prevent HIPAA Breaches Don’t fall victim to breaches. million patients. Please Wait.

Electronic Medical Records 52

Electronic Medical Records Hospitals HIPAA Ransomware 52

Healthcare IT Today

JANUARY 3, 2024

Scott Lundstrom, Senior Healthcare Strategist at OpenText Cybersecurity Accelerated move to zero trust: The healthcare industry is struggling against a dramatic increase in malware and ransomware attacks. The HIPAA Security Rule was drafted in 2003 and has not been substantively updated since that time.

US Department of Health and Human Services 110

US Department of Health and Human Services Ransomware Hospitals HIPAA 110