OSHA Adopts More Aggressive Stance on OSH Act Noncompliance

In late January, the U.S. Occupational Safety and Health Administration (OSHA) at the U.S. Department of Labor published new enforcement guidance which will see the agency adopt a much more aggressive stance on serious violations of the Occupational Safety and Health Act (OSH Act) in an effort to improve OSH Act compliance. OSHA will be… Read More »

Organizations Increasingly Opaque About Cause of Data Breaches

When a data breach occurs and sensitive information is disclosed, the HIPAA Breach Notification Rule requires affected individuals to be notified. The FTC Health Breach Notification Rule also has breach reporting requirements, and all 50 states have enacted data breach notification laws. What is lacking in many of these regulations – at both the federal… Read More »

Ransomware Attacks, Hacks, and Pixel-Related Data Breaches Reported

UCLA Health Announces Pixel-Related Data Breach UCLA Health has recently started notifying approximately 94,000 patients about an impermissible disclosure of their protected health information to certain unnamed service providers due to the use of analytics tools on its website and mobile app. UCLA Health said analytics tools were used to better understand how patients interacted… Read More »

Pro-Russian Hacking Group Conducting DDoS Attacks on U.S. Hospitals

The pro-Russian hacking group, Killnet, is conducting a campaign of Distributed Denial of Service (DDoS) attacks on U.S. hospitals in apparent retaliation for U.S. support of Ukraine. The attacks started a few days after the United States and other countries agreed to provide tanks to Ukraine to help with the fight against the Russian invasion.… Read More »

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching. The event provides a tremendous opportunity for learning through HIPAA workforce training sessions and keynote speeches from top government officials… Read More »

Katherine Shaw Bethea Hospital Proposes $380K Settlement to Resolve Data Breach Lawsuit

Katherine Shaw Bethea (KSB) Hospital in Dixon, IL, has proposed a $380,000 settlement to resolve claims related to a September 2021 data breach at a business associate of the hospital. KSB Hospital used the Scottsbluff, NE-based healthcare accounts receivables service provider, Magnet Solutions, for billing-related services. Between September 17 and September 20, 2021, Magnet Solutions… Read More »