Medicaid and Ransomware - Health Care Compliance Brief

Reactions to the Ascension Healthcare Ransomware Attack and Suggestions for Healthcare Organizations

Healthcare IT Today

MAY 16, 2024

While it’s amazing to consider two breaches and ransomware incidents the size of Change Healthcare and Ascension could happen so closely together, it’s very clear that healthcare is a target and we need to massively increase our investment in security to show we’ve learned from these experiences.

Ransomware

Ransomware US Department of Health and Human Services Hospitals Compliance

UnitedHealth Group Confirms Data Stolen in Change Healthcare Ransomware Attack

HIPAA Journal

MARCH 29, 2024

It has been more than 5 weeks since Change Healthcare suffered a Blackcat ransomware attack. Department of State Offers $10 Million Reward for Information on ALPHV/Blackcat Ransomware Group The U.S. While around 20 services have now resumed, more than 100 are still offline.

Ransomware

Ransomware US Department of Health and Human Services HIPAA Hospitals

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. Lifespan Services Suffers Ransomware Attack. Charlotte, NC-based Lifespan Services, a non-profit provider of services to individuals with disabilities, has recently confirmed it was the victim of a ransomware attack that affected data on its servers.

Ransomware

Ransomware Fraud HIPAA Licensing

Ransomware Attack Key Factor in Decision to Close Rural Illinois Hospital

HIPAA Journal

JUNE 14, 2023

Ransomware attacks can cause healthcare facilities to temporarily close and small healthcare practices have made the decision not to reopen after a ransomware attack, but hospitals and health systems are usually financially resilient enough to remediate the attacks and recover, but not St. Margaret’s Health. Margaret’s Health.

Ransomware

Ransomware Hospitals COVID-19 HIPAA

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

The Iowa Department of Health and Human Services has announced there have been three separate breaches of the protected health information of Iowa Medicaid recipients in the past two months – two hacking incidents and an impermissible disclosure, all three of which involved third-party contractors.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

Up to 254,000 Medicare Beneficiaries Affected by Ransomware Attack on CMS Subcontractor

HIPAA Journal

DECEMBER 15, 2022

It has now been confirmed that HMS suffered a ransomware attack on October 8, 2022. HMS is a subcontractor of ASRC Federal Data Solutions, LLC (ASRC Federal), which is a business associate of the HHS’ Centers for Medicare and Medicaid Services (CMS). At the time, few details about the breach were released.

Ransomware

Ransomware Medicare Medicare HIPAA

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

HIPAA Journal

APRIL 14, 2023

The Iowa Department of Health and Human Services (DHHS) has confirmed that the personal information of 20,800 Iowans who receive Medicaid was exposed in a cyberattack at a subcontractor of one of its business associates between June 30, 2022, and July 5, 2022. Telligen performs annual assessments on Medicaid recipients for the Iowa DHSS.

Medicaid

Medicaid Medicaid Ransomware HIPAA

Ransomware Gangs Claim Three Healthcare Victims

HIPAA Journal

MAY 26, 2023

That appears to be the case with two recent cyberattacks, neither of which mention ransomware or confirm that data theft occurred. Since it appears from the claims of the ransomware groups that data has been stolen, affected individuals should ensure they take advantage of those complimentary services. provide more information.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack. FCHC said it has implemented additional technical safeguards.

Ransomware

Ransomware Hospitals Licensing HIPAA

LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data

HIPAA Journal

AUGUST 8, 2023

The LockBit ransomware group has added Varian Medical Systems to its data leak site and has threatened to publish the data of cancer patients if the ransom is not paid. The post LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data appeared first on HIPAA Journal.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients

HIPAA Journal

SEPTEMBER 14, 2022

Medical Associates of the Lehigh Valley in Pennsylvania (MATLV) has announced that it recently fell victim to a sophisticated ransomware attack on its network. TennCare, Tennessee’s state Medicaid program, has recently notified approximately 1,700 patients about the accidental exposure of some of their protected health information.

Ransomware

Ransomware Licensing HIPAA Health Insurance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021. Morrow has recently announced that hackers gained access to his IT systems and used ransomware to encrypt data. Notification letters were sent on January 28, 2022. DataHealth. Dr. Douglas C.

Ransomware

Ransomware Licensing Health Insurance Hospitals

HIMSSCast: Predicting what's next for health IT, mobile tech and health system finances

Healthcare It News

DECEMBER 16, 2022

Cybersecurity and the patient safety risks of ransomware. Up to 18 million people could lose Medicaid coverage after COVID-19 PHE. How providers are leaning on their EHR vendors to help them manage challenges. Automation, and how it can help clinician burnout and back-office processes.

COVID-19

COVID-19 Public Health Ransomware FDA

The Rackspace ransomware attack – How safe is your cloud?

Health Care Performance

DECEMBER 20, 2022

On 12/6, Rackspace indicated that they suffered a ransomware attack. Is there enough cash if billing Medicare, Medicare Advantage, Medicaid and private pay stops or takes longer than normal? Rackspace has not yet indicated when email service will be restored to their clients. The impact on other departments must be reviewed in detail.

Ransomware

Ransomware Medicare Medicare Medicaid

Tift Regional Medical Center Patients Notified About August 2022 Cyberattack

HIPAA Journal

AUGUST 15, 2023

” The attack was conducted by the Hive ransomware group, which was the subject of a law enforcement takedown in January 2023. Health Plan Member Data Compromised in Ransomware Attack on the City of Dallas The city of Dallas suffered a ransomware attack on May 3, 2023, that impacted several of its websites and IT systems.

Ransomware

Ransomware Electronic Medical Records HIPAA Medicaid

Security Breaches in Healthcare in 2023

HIPAA Journal

JANUARY 31, 2024

which does business as PJ&A NV Business Associate 8,952,212 Hackers access to its network between March 27, 2023, and May 2, 2023 Managed Care of North America (MCNA) GA Business Associate 8,861,076 Ransomware attack with data leak (LockBit ransomware group) Welltok, Inc.

Ransomware

Ransomware HIPAA Hospitals Compliance

Artificial Intelligence, Extinction-Level Threat or Solution?

AIHC

MARCH 12, 2024

As technology advances, so do cyber criminals When it comes to cyberattacks and cyber extortion (ransomware attacks), health care organization continue to suffer as prime targets and continue to struggle to recover after an attack.

Ransomware

Ransomware Governance Compliance HIPAA

Artificial Intelligence, Extinction-Level Threat or Solution?

AIHC

MARCH 12, 2024

As technology advances, so do cyber criminals When it comes to cyberattacks and cyber extortion (ransomware attacks), health care organization continue to suffer as prime targets and continue to struggle to recover after an attack.

Ransomware

Ransomware Governance Compliance HIPAA

OCR Will Focus on You if You Don’t Focus on Cybersecurity

Health Law RX

DECEMBER 21, 2023

On October 31, 2023, OCR issued its first settlement agreement under the HIPAA Rules related to a ransomware attack (the Ransomware Settlement ) and on December 7, 2023, its first settlement under the HIPAA Rules arising from a phishing cyber-attack (the Phishing Settlement ).

HIPAA

HIPAA Ransomware Compliance Medicaid

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. The breach was reported to the Maine Attorney General as affecting up to 4,209 individuals.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. RHD said it engaged outside forensics specialists to investigate the extent of the breach and ensure the security of its offices and computer servers.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

HIPAA Journal

JULY 31, 2023

The Clop ransomware group was responsible for the attack and Maximus was one of hundreds of entities to be affected by the Clop group’s mass exploitation of the zero-day vulnerability. Reston, VA-based Maximus Inc., Maximus has recorded expenses of $15 million for the quarter to June 30, 2023, in relation to the data breach.

Governance

Governance Medicare Medicare Ransomware

Editorial: Why Do Criminals Target Medical Records

HIPAA Journal

OCTOBER 14, 2022

Healthcare data can be used to impersonate patients to obtain expensive medical services, Medicare and Medicaid benefits, healthcare devices, and prescription medications. Many of the hacking incidents now being reported by healthcare providers involve the use of ransomware. Healthcare Data Can be Used as Leverage.

Ransomware

Ransomware HIPAA Health Insurance Hospitals

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

While Refuah Health Center did not disclose further information about the nature of the attack, databreaches.net reports that the attack appears to have been conducted by the Lorenz ransomware gang, which added Refuah Health Center to its list of victims on its data leak site on June 11, 2021, although that entry has now been removed.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

Health Provider News

Hall Render

APRIL 19, 2024

to Study Treatments for Vascular Abnormalities Federal Appeals Court Hears Arguments on Nation’s First Ban on Gender-affirming Care for Minors Jason Demke Hired as COO at Mercy Hospital Fort Smit Pulaski Tech Awarded $5.7M

Nursing Homes

Nursing Homes Nurses Hospitals Doctors

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3 The attached file contained information such as member names, ID numbers, Medicare/Medicaid numbers, and dates of birth. This is the third data breach to be reported by UMC in the past 18 months.

Health Insurance

Health Insurance Licensing Ransomware Fraud

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

HIPAA Journal

JANUARY 30, 2023

This year summit groups covering post-Dobbs reproductive health information privacy, Privacy risks from website tracking technologies, current and emerging security risks, medical and wearable device cybersecurity, incident response and breach notification best practices, privacy and security in the metaverse, business associate compliance and risk (..)

US Department of Health and Human Services

US Department of Health and Human Services HIPAA Compliance Medicaid

St. Luke’s Health Reports Third Party Data Breach

HIPAA Journal

NOVEMBER 7, 2022

The exposed information included names, addresses, dates of birth, Social Security numbers, dates of service, medical record numbers, Medicaid numbers, and some limited clinical information, such as treatment and diagnosis codes. Luke’s Health was notified about the breach on September 1, 2022.

Electronic Medical Records

Electronic Medical Records Ransomware HIPAA Licensing

277,000 Santa Clara Family Health Plan Members Affected by GoAnywhere Hack

HIPAA Journal

APRIL 25, 2023

Santa Clara Family Health Plan Confirmed as Victim of Clop GoAnywhere Hack Santa Clara Family Health Plan has confirmed the 276,993-record data breach reported to the HHS’ Office for Civil Rights on March 30, 2023, was due to the hacking of Fortra’s GoAnywhere MFT solution by the Clop ransomware group.

Health Insurance

Health Insurance Public Health Ransomware Fraud

Protected Health Information Exposed in 5 Recent Hacking Incidents

HIPAA Journal

MARCH 16, 2023

Florida Medical Clinic Florida Medical Clinic has recently announced that it was the victim of a ransomware attack. The affected files contained information such as names, Social Security numbers, birth dates, patient ID numbers, treatment information, Medicare/Medicaid numbers, and health insurance information.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Bonus Features – August 6, 2023 – 83% of hospitals are collecting SDoH data, 46% of hospitals planning to use large language models in the call center, and more

Healthcare IT Today

AUGUST 6, 2023

A similar report from Barracuda found that ransomware attacks against healthcare more than doubled over the last 12 months. Chicago-based RUSH University System for Health chose Cadence for remote monitoring and virtual care for Medicare and Medicaid patients with chronic conditions.

Hospitals

Hospitals Nurses Medical Billing Ransomware

Health Provider News

Hall Render

SEPTEMBER 1, 2023

Here’s why Ransomware gang reportedly selling Prospect Medical patient data Ransomware attack not the only headache for Prospect Medical Ridgecrest Regional Hospital receives $5.5 ALABAMA American Family Care opens new health care center in Northeast Birmingham doctors secure $13.9M

COVID-19

COVID-19 Nurses Nursing Homes Hospitals

Health Provider News – September 16, 2022

Hall Render

SEPTEMBER 16, 2022

Full 4th Circuit to tackle Medicaid fraud standard under False Claims Act. Louis County Couple Sentenced for Defrauding Medicaid. Study finds Montana underpays Medicaid providers by tens of millions. Aaron Weismann on ransomware attacks. New York improperly billed Medicaid $84.3M, OIG says. NEW JERSEY.

US Department of Health and Human Services

US Department of Health and Human Services COVID-19 Nurses Nursing Homes

HITECH Compliance

AIHC

APRIL 10, 2024

Ransomware attacks are also referred to as Cy-X or Cyber extortion. Be sure to use web sites that give you information that is accurate such as Centers for Medicare and Medicaid Services , Health and Human Services, Office of Civil Rights and U S Government Agencies. How do you respond in the event to mitigate a cybersecurity incident?

Compliance

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records

Is Your Organization HITECH Compliant?

AIHC

NOVEMBER 6, 2023

This increase in expense and provider time was added to the exposure of potential hacking, ransomware and other cybersecurity risks associated with storing and transmitting electronic patient records. OCR can impose civil money penalties up to $1.5

HIPAA

HIPAA Compliance Governance Health Insurance

Health Provider News

Hall Render

JULY 28, 2023

2 Children’s Hospital in Seattle, Regional Hospital in Florida Win Healthcare Design Awards CHS to sell 3 hospitals to Tampa General Construction Begins on Orlando Health’s Seven-Story Lakeland Highlands Hospital Florida cardiology center settles in whistleblower lawsuit Florida Hospital Says Data Theft Attack Affects 1.2

US Department of Health and Human Services

US Department of Health and Human Services Nurses Nursing Homes Hospitals

May 2023 Healthcare Data Breach Report

HIPAA Journal

JUNE 20, 2023

The worst data breach was a LockBit ransomware attack on the HIPAA business associate Managed Care of North America (MCNA) which affected almost 8.9 Almost 6 million records were stolen in a ransomware attack on PharMerica Corporation and its subsidiary BrightSpring Health Services. The Money Message ransomware group exfiltrated 4.7

Ransomware

Ransomware HIPAA Compliance Health Insurance

Is Your Organization HITECH Compliant?

AIHC

NOVEMBER 6, 2023

This increase in expense and provider time was added to the exposure of potential hacking, ransomware and other cybersecurity risks associated with storing and transmitting electronic patient records. OCR can impose civil money penalties up to $1.5

HIPAA

HIPAA Compliance Governance Health Insurance

HITECH Compliance

AIHC

APRIL 10, 2024

Ransomware attacks are also referred to as Cy-X or Cyber extortion. Be sure to use web sites that give you information that is accurate such as Centers for Medicare and Medicaid Services , Health and Human Services, Office of Civil Rights and U S Government Agencies. How do you respond in the event to mitigate a cybersecurity incident?

Compliance

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records

Health Provider News

Hall Render

JUNE 30, 2023

for physician referral scheme In Los Angeles, hospital CEO pay could be capped Kaiser Permanente ratings affirmed amid healthy financial profile Nurses vote ‘no confidence’ in California hospital administration, board Nursing facility, management company settle physician kickback allegations for $3.8M

US Department of Health and Human Services

US Department of Health and Human Services Nursing Homes Nurses Hospitals

July 2023 Healthcare Data Breach Report

HIPAA Journal

AUGUST 21, 2023

The second largest breach, reported by the Centers for Medicare and Medicaid Services (CMS) as affecting 1,362,470 Medicare recipients, was more severe due to the types of data compromised. The breach occurred at a CMS contractor, Maximus Federal Services, Inc.

Ransomware

Ransomware HIPAA Medicare Medicare

Lawsuits Increasing Following HIPAA Breaches

Compliancy Group

MAY 27, 2022

35% of healthcare breaches involved ransomware attacks, vs. 20% in 2020. The average ransomware payment for healthcare was $875,784, about one-third less than the 2020 payment. 82% of ransomware attacks claimed to have removed data before encryption. The average number of patient notifications was 81,679.

HIPAA

HIPAA Ransomware Compliance Hospitals

April 2023 Healthcare Data Breach Report

HIPAA Journal

MAY 23, 2023

The breach occurred at the HIPAA business associate, NationsBenefits Holdings, and was a data theft and extortion attack by the Clop ransomware group involving the Fortra GoAnywhere MFT solution. 8 of the month’s 21 breaches of 10,000 or more records were due to these Clop attacks, including the top 5 breaches in April.

Ransomware

Ransomware HIPAA Medicaid Medicaid

Health Provider News

Hall Render

DECEMBER 1, 2023

Luke’s surgeons open independent Idaho orthopedic clinic Court dismisses legal case over Idaho health grants, but investigation isn’t over Saint Alphonsus to break ground on new medical health plaza in Caldwell Portneuf Medical Center experienced a ransomware attack. to Recruit, Train Primary Care Students UAMS Gets $17.5M

Nursing Homes

Nursing Homes Nurses Ransomware COVID-19

Reactions to the Ascension Healthcare Ransomware Attack and Suggestions for Healthcare Organizations

UnitedHealth Group Confirms Data Stolen in Change Healthcare Ransomware Attack

Trending Sources

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Ransomware Attack Key Factor in Decision to Close Rural Illinois Hospital

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

Up to 254,000 Medicare Beneficiaries Affected by Ransomware Attack on CMS Subcontractor

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

Ransomware Gangs Claim Three Healthcare Victims

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data

Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIMSSCast: Predicting what's next for health IT, mobile tech and health system finances

The Rackspace ransomware attack – How safe is your cloud?

Tift Regional Medical Center Patients Notified About August 2022 Cyberattack

Security Breaches in Healthcare in 2023

Artificial Intelligence, Extinction-Level Threat or Solution?

Artificial Intelligence, Extinction-Level Threat or Solution?

OCR Will Focus on You if You Don’t Focus on Cybersecurity

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

Editorial: Why Do Criminals Target Medical Records

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

Health Provider News

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

St. Luke’s Health Reports Third Party Data Breach

277,000 Santa Clara Family Health Plan Members Affected by GoAnywhere Hack

Protected Health Information Exposed in 5 Recent Hacking Incidents

Bonus Features – August 6, 2023 – 83% of hospitals are collecting SDoH data, 46% of hospitals planning to use large language models in the call center, and more

Health Provider News

Health Provider News – September 16, 2022

HITECH Compliance

Is Your Organization HITECH Compliant?

Health Provider News

May 2023 Healthcare Data Breach Report

Is Your Organization HITECH Compliant?

HITECH Compliance

Health Provider News

July 2023 Healthcare Data Breach Report

Lawsuits Increasing Following HIPAA Breaches

April 2023 Healthcare Data Breach Report

Health Provider News

Stay Connected