HIPAA Journal

APRIL 8, 2024

Between October 9, 2021, and October 17, 2021, hackers accessed the Planned Parenthood Los Angeles network , exfiltrated sensitive patient data, and used ransomware to encrypt files. Planned Parenthood discovered the ransomware attack on October 17, 2021, and confirmed on November 4, 2021, that the stolen files contained patient data.

Ransomware 77

Ransomware HIPAA Health Insurance Fraud 77

HIPAA Journal

APRIL 23, 2024

Notification letters have been sent to more than 34,500 individuals about ransomware attacks that occurred more than 9 months ago. The post Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks appeared first on HIPAA Journal.

Ransomware 92

Ransomware Fraud Licensing HIPAA 92

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware 52

Ransomware Fraud HIPAA Health Insurance 52

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA 82

HIPAA Ransomware Health Insurance Compliance 82

HIPAA Journal

JANUARY 31, 2023

San Andreas Regional Center – was filed in the Superior Court of California in response to the breach alleging the healthcare provider was negligent for failing to implement reasonable cybersecurity measures to protect against ransomware attacks, despite being aware of the high risk of attacks on the healthcare sector.

Ransomware 61

Ransomware Fraud Health Insurance HIPAA 61

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 65

Ransomware Fraud HIPAA Licensing 65

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. Colorado-based Salud Family Health, a Federal Qualified Health Center (FQHC), has recently provided an update on a September 2022 cyberattack and has confirmed that patient data was potentially stolen. The electronic record system was unaffected.

Ransomware 82

Ransomware Health Insurance Hospitals Fraud 82

Medisys Compliance

APRIL 27, 2022

The Health Insurance Portability and Accountability Act (HIPAA) was introduced in year 1996. As the name suggests, it was created to ensure that all ‘protected health information’ was appropriately secured and restricted access to be given only to authorized individuals. Another goal was to prevent healthcare fraud.

HIPAA 52

HIPAA Medical Billing Outsourcing Medical Billing Ransomware 52

HIPAA Journal

JUNE 15, 2023

In the meantime, Johns Hopkins urges all students, faculty staff, and their dependents to take immediate action to protect their personal information, including conducting reviews of their statements, credit reports, and accounts for unusual activity, and should consider placing a fraud alert and credit freeze with a national credit bureau.

Ransomware 99

Ransomware Health Insurance Fraud HIPAA 99

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The post Electromed Proposes $825,000 Class Action Data Breach Settlement appeared first on HIPAA Journal.

Ransomware 85

Ransomware Fraud Licensing Health Insurance 85

HIPAA Journal

JANUARY 24, 2023

The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. Multiple studies have identified an increase in mortality rates at hospitals following ransomware attacks and other major cyber incidents.

Ransomware 114

Ransomware HIPAA Hospitals Fraud 114

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. Malware, and especially ransomware, pose a significant threat to EHRs.

Ransomware 127

Ransomware Fraud HIPAA Health Insurance 127

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. Lamoille Health Partners Inc. The lawsuit – Marshall v. – was filed in the U.S. Byrne of Gravel and Shea.

HIPAA 106

HIPAA Ransomware Fraud Health Insurance 106

HIPAA Journal

FEBRUARY 8, 2024

Azura Vascular Care said individuals who had sensitive information exposed such as Social Security numbers have been offered complimentary identity protection, credit monitoring, and fraud resolution services. Data exfiltration is common in ransomware attacks, but no evidence of data theft was identified during the forensic investigation.

Ransomware 83

Ransomware Electronic Medical Records Licensing Health Insurance 83

HIPAA Journal

FEBRUARY 14, 2023

Another lawsuit has been filed against Connexin Software over its August 2022 ransomware attack and data breach, which affected more than 2.2 On August 26, 2022, Connexin discovered hackers had gained access to its systems and used ransomware to encrypt files. Million-Record Data Breach appeared first on HIPAA Journal.

Electronic Medical Records 82

Electronic Medical Records Ransomware HIPAA Fraud 82

HIPAA Journal

AUGUST 2, 2023

Notification letters will be sent to the affected individuals in the coming weeks and credit monitoring, fraud consultation, and identity theft restoration services will be offered. Cheyenne Radiology Group & MRI Reports December 2022 Ransomware Attack Cheyenne Radiology Group & MRI, P.C.

Licensing 72

Licensing Electronic Medical Records Ransomware Health Insurance 72

HIPAA Journal

JUNE 23, 2023

A lawsuit has been filed against Intellihartx, LLC, (aka ITx Companies), over a cyberattack by the Clop ransomware group that exploited a vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution. The protected health information of 490,000 patients of its healthcare clients was compromised in the attack in late January.

HIPAA 88

HIPAA Ransomware Fraud Health Insurance 88

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered. million individuals was compromised in the attack.

Fraud 99

Fraud Health Insurance Ransomware HIPAA 99

HIPAA Journal

SEPTEMBER 13, 2023

A class action lawsuit has been filed against the student healthcare insurer UnitedHealthcare Services, which does business as UnitedHealthcare Student Resources, over its MOVEit Transfer data breach in May 2023. The post UnitedHealthcare Services Sued for MOVEit Transfer Data Breach appeared first on HIPAA Journal. and Mark S.

Ransomware 69

Ransomware Fraud Health Insurance HIPAA 69

AIHC

APRIL 10, 2024

HITECH is a critical aspect of the Health Insurance Portability & Accountability Act (HIPAA). Since 2009, HITECH has given “teeth” to HIPAA law. What’s the difference between HIPAA and HITECH? HIPAA guarantees patients access to their paper medical records. Are all communications secure and private?

Compliance 99

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records 99

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance 109

Health Insurance Licensing Ransomware Fraud 109

HIPAA Journal

OCTOBER 14, 2022

Data compiled by HIPAA Journal from breach reports submitted to the HHS’ Office for Civil Rights (OCR) show the number of data breaches reported by HIPAA-regulated entities continues to increase every year. Many of the hacking incidents now being reported by healthcare providers involve the use of ransomware.

Ransomware 112

Ransomware HIPAA Health Insurance Hospitals 112

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered. million individuals was compromised in the attack.

Fraud 69

Fraud Health Insurance Ransomware HIPAA 69

HIPAA Journal

MARCH 24, 2022

The breach notice uploaded to Chelan Douglas Health District website does not disclose when the breach was detected but says a third-party cybersecurity company was engaged to investigate the cyberattack and confirmed that its network was accessed by unauthorized individuals between July 2 and July 4, 2021.

Ransomware 125

Ransomware Fraud Hospitals HIPAA 125

HIPAA Journal

JULY 27, 2023

Norton Healthcare has only disclosed limited information about the attack; however, the BlackCat ransomware group announced that it was behind the cyberattack and leaked some of the data stolen from Norton Healthcare on its data leak site. The lawsuit also seeks 10 years of credit monitoring services for all victims of the breach.

Ransomware 52

Ransomware Fraud Licensing Health Insurance 52

HIPAA Journal

MAY 18, 2023

Larger healthcare providers may temporarily divert ambulances and cancel some appointments following a ransomware attack but do not typically halt operations, but smaller healthcare providers may be left with little alternative. The Department of Health said the spreadsheet did not contain names, birthdates, addresses, or contact information.

Ransomware 74

Ransomware Fraud HIPAA Health Insurance 74

HIPAA Journal

APRIL 25, 2023

Santa Clara Family Health Plan Confirmed as Victim of Clop GoAnywhere Hack Santa Clara Family Health Plan has confirmed the 276,993-record data breach reported to the HHS’ Office for Civil Rights on March 30, 2023, was due to the hacking of Fortra’s GoAnywhere MFT solution by the Clop ransomware group.

Health Insurance 85

Health Insurance Public Health Ransomware Fraud 85

HIT Consultant

AUGUST 13, 2023

Here are seven identified cybersecurity vulnerabilities that can reveal a patient’s data and expose these healthcare organizations to fraud and fines: Limited budgets. Department of Health and Human Services (HHS) is currently investigating hundreds of cases associated with these phishing and hacking scams. Ransomware.

Ransomware 93

Ransomware Fraud Health Insurance HIPAA 93

HIPAA Journal

AUGUST 17, 2022

In April 2020, Musculoskeletal Institute, dba Florida Orthopaedic Institute, discovered an unauthorized third party had gained access to a server that contained patients’ protected health information (PHI) and used ransomware to encrypt files. The final approval hearing for the settlement is September 29, 2022.

Ransomware 74

Ransomware Fraud HIPAA Health Insurance 74

HIPAA Journal

SEPTEMBER 28, 2022

Wolfe Clinic said names, addresses, birth dates, Social Security numbers, diagnostic information, and health insurance information were potentially compromised. At the time of issuing notifications, Wolfe Clinic had not received any reports of identity theft and fraud related to the Eye Care Leaders data breach.

Electronic Medical Records 77

Electronic Medical Records Ransomware Fraud HIPAA 77

AIHC

APRIL 10, 2024

HITECH is a critical aspect of the Health Insurance Portability & Accountability Act (HIPAA). Since 2009, HITECH has given “teeth” to HIPAA law. What’s the difference between HIPAA and HITECH? HIPAA guarantees patients access to their paper medical records. Are all communications secure and private?

Compliance 52

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records 52

HIT Consultant

JANUARY 3, 2023

With the advent of ransomware-as-a-service combined with a lack of resources to investigate attacks in-house for healthcare organizations, elaborate and devastating cyber attacks against healthcare, specifically through business communication channels are likely to increase in scale and sophistication. .

Compliance 52

Compliance Ransomware Fraud Regulatory Compliance 52

Compliancy Group

MAY 27, 2022

Almost as surely as summer follows spring, lawsuits follow breaches of protected health information. Here’s a roundup of recent HIPAA breach lawsuits and settlements. Lawsuits Increasing Following HIPAA Breaches – Facts and Figures. 35% of healthcare breaches involved ransomware attacks, vs. 20% in 2020.

HIPAA 98

HIPAA Ransomware Compliance Hospitals 98

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. This coincides with the 60-day reporting deadline of the HIPAA Breach Notification Rule.

Ransomware 89

Ransomware HIPAA Fraud Hospitals 89

Compliancy Group

JANUARY 25, 2022

With at least six weeks before final numbers are in, the Department of Health and Human Services HIPAA Breach Reporting Tool website is reporting 713 major healthcare data breaches in 2021, an increase of more than 7.5 Protected health information (PHI) from more than 45.7 million individuals.

HIPAA 98

HIPAA Ransomware Governance Compliance 98

HIPAA Journal

MAY 18, 2023

The Department of Health and Human Services’ Office for Civil Rights is the main enforcer of HIPAA compliance; however, state Attorneys General also play a role in enforcing compliance with the Rules of the Health Insurance Portability and Accountability Act (HIPAA). Community Health Systems/CHSPSC, Anthem Inc.,

HIPAA 96

HIPAA Compliance Ransomware Hospitals 96

HIPAA Journal

MAY 17, 2023

In April 2023, the Money Message ransomware group announced it had breached the systems of PharMerica and its parent company, BrightSpring Health Services, and added both to its data leak site. That makes it the largest healthcare data breach to be reported by a single HIPAA-covered entity so far in 2023.

Ransomware 95

Ransomware HIPAA Fraud Health Insurance 95