Health Insurance, HIPAA and Licensing - Health Care Compliance Brief

Our “Preconceived” Notions of HIPAA

Bill of Health

MARCH 9, 2024

The film Preconceived , premiering at SXSW this week, shines a bright light on anti-abortion “Crisis Pregnancy Centers” (CPCs), including their disturbing take on the Health Insurance Portability and Accountability Act (HIPAA). HIPAA takes center stage near the end of the film. Is Stanton a HIPAA-covered entity?

HIPAA

HIPAA Licensing Health Insurance Compliance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

The review of the compromised email accounts confirmed they contain information such as names, addresses, dates of birth, driver’s license numbers, state identification card numbers, financial account numbers, usernames and passwords, payment card information, medical histories, and health insurance information.

HIPAA

HIPAA Licensing Health Insurance Fraud

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

HIPAA Journal

APRIL 25, 2024

The exposed and stolen data included contact information, Social Security numbers, driver’s license numbers, financial information, health insurance information, medical records, medical histories, diagnoses/conditions, and health insurance information.

Fraud

Fraud Health Insurance Licensing HIPAA

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. La Casa de Salud, New York. Valley View Hospital, Colorado.

HIPAA

HIPAA Health Insurance Licensing Hospitals

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. The post Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations appeared first on HIPAA Journal. The information involved varied from individual to individual.

HIPAA

HIPAA Ransomware Licensing Health Insurance

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

HIPAA Journal

APRIL 23, 2024

The review of the affected files was completed on February 7, 2024, and confirmed some or all of the following information was compromised: name, date of birth, Social Security number, driver’s license number, medical information, and/or health insurance information.

Ransomware

Ransomware Fraud Licensing HIPAA

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Total HIPAA

MAY 23, 2022

What is Protected Health Information (PHI)? The Health Insurance Portability and Accountability Act ( HIPAA ) is a 1996 federal law that regulates privacy standards in the healthcare sector. Since 1996, Congress has passed additional laws to adapt HIPAA in accordance with new technological advancements.

HIPAA

HIPAA Due Diligence Compliance Health Insurance

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

The Health Law Firm Blog

MARCH 23, 2024

Board Certified by The Florida Bar in Health Law On December 15, 2022, the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that Health Specialists of Central Florida, Inc., will pay $20,000 to resolve alleged violations of the Health Insurance Portability and [.]

HIPAA

HIPAA Health Insurance Licensing Compliance

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

HIPAA Journal

DECEMBER 30, 2022

Avalon Healthcare has agreed to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws with the Oregon and Utah Attorneys General that were uncovered during an investigation of a 2019 breach of the personal and protected health information of 14,500 of its employees and patients.

HIPAA

HIPAA Compliance Compliance Officers Licensing

California Dental Practice Pays $23,000 Settlement For Potential HIPAA Privacy Violations Involving Yelp Posts

The Health Law Firm Blog

APRIL 12, 2024

Board Certified by The Florida Bar in Health Law On December 14, 2022, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled with New Vision Dental (NVD) over a potential HIPAA Privacy violation. Indest III, J.D., The California-based dental practice paid $23,000 to OCR and [.]

HIPAA

HIPAA Licensing Health Insurance Compliance

Implications of Noncompliance with HIPAA: What to Expect as a Healthcare Organization

Compliancy Group

APRIL 19, 2023

Wondering why your practice or organization should be HIPAA compliant? In the United States, the Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to regulate the handling and protecting confidential medical information. million per year for each violation of HIPAA.

HIPAA

HIPAA Compliance Licensing Health Insurance

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

HIPAA Journal

APRIL 8, 2024

The leaked data includes patient names, dates of birth, phone numbers, email addresses, medical records, Social Security numbers, copies of passports and driver’s licenses, health insurance information, and company data. The investigation uncovered evidence of unauthorized access to files that contained patient information.

Ransomware

Ransomware Health Insurance Licensing HIPAA

November 8, 2023, Healthcare Data Breach Round-Up

HIPAA Journal

NOVEMBER 8, 2023

Third-party forensics experts were engaged to investigate the breach and determined that its systems were compromised between September 1, 2023, and September 5, 2023, and during that time, files were exfiltrated that contained personal and protected health information.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

HIPAA Journal

SEPTEMBER 8, 2023

For patients, the affected information included name, address, email, phone number(s), birth date, Social Security number, driver’s license number, health insurance policy information, treatment information including radiographic images, medical record number, account number, and health conditions.

Licensing

Licensing Ransomware Health Insurance HIPAA

NY AG Fines Medical Management Company $550,000 for Patch Management Failures

HIPAA Journal

MAY 24, 2023

The leaked data included screenshots of 13 patients’ protected health information. The protected health information stored on its systems was also not encrypted. The New York Attorney General determined that these failures violated state law and the federal Health Insurance Portability and Accountability Act (HIPAA).

HIPAA

HIPAA Ransomware Licensing Health Insurance

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

MAY 11, 2023

Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. Affected individuals were notified on March 25, 2022, 8 months after the breach was detected. Claims must be submitted by July 5, 2023, and the final approval hearing for the settlement has been scheduled for August 28, 2023. The post SuperCare Proposes $2.25

HIPAA

HIPAA Health Insurance Licensing Hospitals

Credential Stuffing Attack Exposed United HealthCare Member Data

HIPAA Journal

MAY 2, 2023

The accounts subjected to unauthorized access included information such as names, birthdates, addresses, health insurance member ID numbers, service dates, provider names, claim details, and group names and numbers. No Social Security numbers, financial information, or driver’s license numbers were exposed.

Licensing

Licensing Health Insurance Hospitals HIPAA

Dental Practice Pays $23,000 For Potential HIPAA Privacy Violations Involving Yelp Posts

The Health Law Firm Blog

SEPTEMBER 11, 2023

Board Certified by The Florida Bar in Health Law On December 14, 2022, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled with New Vision Dental (NVD) over a potential HIPAA Privacy violation. Indest III, J.D., The California-based dental practice paid $23,000 to OCR and [.]

HIPAA

HIPAA Licensing Health Insurance Compliance

Cummins Behavioral Health Reports 157K Record Data Breach

HIPAA Journal

AUGUST 16, 2023

The information removed from its systems included names, addresses, dates of birth, Social Security numbers, driver’s license/State ID numbers, financial account information, payment card information, usernames/passwords, health insurance information, and medical information.

Licensing

Licensing Health Insurance HIPAA Public Health

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

The exposed information included names, dates of birth, Social Security numbers, driver’s license numbers, clinical/diagnosis information, health insurance member ID numbers, medical record numbers, and Medicare or Medicaid numbers. No evidence of data theft or misuse of information has been detected.

Health Insurance

Health Insurance Licensing Fraud HIPAA

San Juan Regional Medical Center Settles Data Breach Lawsuit

HIPAA Journal

DECEMBER 2, 2022

While legal action was not taken over a HIPAA violation, the lawsuit alleged the lack of appropriate safeguards constituted a HIPAA violation. The post San Juan Regional Medical Center Settles Data Breach Lawsuit appeared first on HIPAA Journal. All claims must be submitted by February 8, 2023.

Licensing

Licensing HIPAA Ransomware Health Insurance

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. According to the hospital operator, Tower Health, the unauthorized access was discovered during a routine audit of medical record access logs. Some of the accessed records included partial Social Security numbers and health insurance information.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

Individuals who had their Social Security numbers or driver’s license numbers exposed have been offered complimentary credit monitoring and identity theft protection services. The post Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care appeared first on HIPAA Journal.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

The files contained information such as names, birthdates, signatures, insurance details, contact information, government identification numbers including driver’s licenses and Social Security numbers, medical history/treatment information, and financial information.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

Healthcare Supplier Compliance Checklist

MedTrainer

APRIL 22, 2024

For example, a healthcare IT vendor should include items related to HIPAA, while a checklist for a food vendor should focus on FDA or USDA regulations. HIPAA Compliance Implement appropriate administrative, physical, and technical safeguards to protect PHI. Develop and maintain HIPAA-compliant policies and procedures for handling PHI.

Compliance

Compliance HIPAA Licensing Fraud

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

HIPAA Journal

MARCH 29, 2023

While there have been no reported instances of misuse of patient data, OU Health could not rule out unauthorized access to patient data. The post Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals appeared first on HIPAA Journal.

Hospitals

Hospitals Ransomware Licensing Health Insurance

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

HIPAA Journal has not yet been able to establish exactly how many Anthem Blue Cross members have been affected. No financial information, Social Security numbers, or driver’s license numbers were taken. The post PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon appeared first on HIPAA Journal.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania

HIPAA Journal

JULY 3, 2023

To meet the breach reporting requirements of the HIPAA Breach Notification Rule, the breach has been reported to the HHS by The Williamsport Home and Senior Choice as affecting at least 500 individuals. The post Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania appeared first on HIPAA Journal.

HIPAA

HIPAA Licensing Health Insurance Nurses

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

The Health Law Firm Blog

DECEMBER 28, 2022

Board Certified by The Florida Bar in Health Law On December 15, 2022, the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that Health Specialists of Central Florida, Inc., will pay $20,000 to resolve alleged violations of the Health Insurance Portability and [.].

HIPAA

HIPAA Health Insurance Licensing Compliance

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

HIPAA Journal

MARCH 18, 2022

Country Medical Services had run the hospital for 9 years; however, an investigation by the state Department of Health identified almost 3 dozen potential violations of the Emergency Medical Treatment and Labor Act, as the hospital was unable to provide emergency services. I am holding the hospital and its owners accountable.”.

Licensing

Licensing HIPAA Hospitals Health Insurance

Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks

HIPAA Journal

AUGUST 2, 2023

Sutter SeniorCare PACE, a nonprofit health plan based in Sacramento, CA, has also recently confirmed that it was affected and had plan member data compromised in the attacks. The post Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks appeared first on HIPAA Journal.

Licensing

Licensing HIPAA Health Insurance

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

AHA discovered the email breach in early September 2021 and determined on December 2, 2021, that files containing the protected health information of its healthcare provider clients had been accessed. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

Names, addresses, Social Security numbers, and health insurance were impermissibly disclosed. The post Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources appeared first on HIPAA Journal. MCNA Dental has offered affected individuals complimentary credit monitoring services.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

The review of the files revealed they mostly contained protected health information such as names, addresses, medical information, and/or health insurance information. Notification letters have now been sent to the 28,024 patients whose protected health information has potentially been compromised.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

Activate Healthcare Reports Security Breach Affects Up to 93,761 Patients

HIPAA Journal

JUNE 30, 2023

On April 29, 2023, it was confirmed that files had been exfiltrated that included patient information such as names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses.

Licensing

Licensing Health Insurance Records Management HIPAA

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

The two health insurance firms confirmed they had been affected in late February 2022, with PracticeMax publicly reporting the breach in the fall of 2021. The post Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack appeared first on HIPAA Journal.

Ransomware

Ransomware Health Insurance Licensing HIPAA

Advanced Medical Management Reports Data Breach Affecting 319,485 Individuals

HIPAA Journal

JULY 7, 2023

A review was conducted of all files on the compromised systems and confirmed they contained information such as names, addresses, email addresses, phone numbers, dates of birth, driver’s license numbers, Social Security numbers, and health insurance information.

Licensing

Licensing HIPAA Health Insurance Governance

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

HIPAA Journal

FEBRUARY 16, 2022

The information potentially compromised in the attack included names, dates of birth, Social Security numbers, medical diagnoses, treatment information, and health insurance information. Vendor Email Account Breach Affects Over 6,000 Memorial Hermann Health System Patients.

Electronic Medical Records

Electronic Medical Records Health Insurance Licensing HIPAA

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers. The post Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Licensing

Licensing Health Insurance Fraud HIPAA

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Bill of Health

JUNE 5, 2023

medical licensing exam , diagnose illnesses , and even outshine human doctors on measures of perceived empathy , raising many questions about how AI will reshape health care as we know it. In the field of medicine, ChatGPT already has been reported to ace the U.S. But what happens when AI gets things wrong?

Malpractice

Malpractice FDA HIPAA Doctors

Atlanta Women’s Health Group Data Breach Impacts 33,800 Patients

HIPAA Journal

JUNE 21, 2023

Approximately 13,700 of the affected individuals were members of Vermont Blue Advantage Health Insurance Plans, around 2,250 individuals were members of Vermont Blue Advantage Plans, and the remainder of the affected individuals were members of other insurance plans.

Health Insurance

Health Insurance Licensing HIPAA Medicare

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

HIPAA Journal

MAY 24, 2022

The post Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack appeared first on HIPAA Journal. A class action lawsuit has already been filed on behalf of individuals affected by the breach.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Our “Preconceived” Notions of HIPAA

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Trending Sources

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

California Dental Practice Pays $23,000 Settlement For Potential HIPAA Privacy Violations Involving Yelp Posts

Implications of Noncompliance with HIPAA: What to Expect as a Healthcare Organization

Medusa Ransomware Group Leaks Data Stolen from American Renal Associates

November 8, 2023, Healthcare Data Breach Round-Up

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

NY AG Fines Medical Management Company $550,000 for Patch Management Failures

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

Credential Stuffing Attack Exposed United HealthCare Member Data

Dental Practice Pays $23,000 For Potential HIPAA Privacy Violations Involving Yelp Posts

Cummins Behavioral Health Reports 157K Record Data Breach

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

San Juan Regional Medical Center Settles Data Breach Lawsuit

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

Healthcare Supplier Compliance Checklist

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Cyberattack Affects Multiple Residential Care Facilities in Pennsylvania

Florida Primary Care Practice Settles HIPAA Investigation for $20,000

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

Sutter Senior Care and Allegheny County Have Data Compromised in MOVEit Transfer Hacks

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

Activate Healthcare Reports Security Breach Affects Up to 93,761 Patients

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

Advanced Medical Management Reports Data Breach Affecting 319,485 Individuals

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Atlanta Women’s Health Group Data Breach Impacts 33,800 Patients

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

Stay Connected