A frequently asked question in the healthcare industry is what is HIPAA certification; for although there is no standard or implementation specification within HIPAA that requires Covered Entities or Business Associate to certify compliance, several third-party organizations offer HIPAA certification services. What is HIPAA Certification? Although there is no official HHS-mandated HIPAA certification process or… Read More »
A vulnerability has been identified in Philips DreamMapper software, a mobile app that is used to monitor and manage sleep apnea. The app is not used to provide therapy to patients, so exploitation of the flaw does not place patient safety at risk, but the vulnerability could be exploited to gain access to log files,… Read More »
Beaumont Health, the largest healthcare provider in Michigan, has started notifying approximately 6,000 patients that some of their protected health information has potentially been accessed by unauthorized individuals. On June 5, 2020, Beaumont Health learned that email accounts accessed by unauthorized individuals between January 3, 2020 and January 29, 2020 contained the protected health information… Read More »
There is a considerable weight of evidence suggesting nation state hacking groups are targeting organizations involved in COVID-19 research and vaccine development to obtain information to further the research programs in their respective countries. Security agencies in the United States, Canada and United Kingdom have recently warned that there is strong evidence that state-sponsored hacking… Read More »
This week, the Federal Bureau of Investigation (FBI) issued a (TLP:WHITE) FLASH alert following an increase in attacks involving NetWalker ransomware. NetWalker is a relatively new ransomware threat that was recognized in March 2020 following attacks on a transportation and logistics company in Australia and the University of California, San Francisco. UC San Francisco was… Read More »
The 2020 Cost of Data Breach Report from IBM Security has been released and reveals there has been a slight reduction in global data breach costs, falling to $3.86 million per breach from $3.92 million in 2019 – A reduction of 1.5%. There was considerable variation in data breach costs in different regions and industries.… Read More »
CVS Pharmacy is alerting certain patients that some of their personal and protected health information has been lost following several incidents at its pharmacies between May 27, 2020 and June 8, 2020. During that time frame, several of its pharmacies were affected by looting and vandalism incidents. Unauthorized individuals gained access to several of its… Read More »
MarineXchange Software GmbH has achieved HIPAA compliance following the successful completion of Compliancy Group’s six stage HIPAA risk analysis and remediation process. MarineXchange is the developer of the only enterprise software platform for the cruise industry. MXP365 incorporates a range of tools that allow cruise operators to effectively manage all aspects of cruise ship operations,… Read More »
Earlier this year, HIPAA Journal sent out a survey on emergency preparedness in healthcare. Many healthcare leaders such as yourself participated in the survey, which determined 69% of healthcare employees viewed severe weather as their top safety concern. Since then, COVID-19 has drastically impacted the healthcare industry and changed the way hospitals and other medical… Read More »
The HHS’ Office for Civil Rights has imposed a $1,040,000 HIPAA penalty on Lifespan Health System Affiliated Covered Entity (Lifespan ACE) following the discovery of systemic noncompliance with the HIPAA Rules. Lifespan is a not-for-profit health system based in Rhode Island that has many healthcare provider affiliates in the state. On April 21, 2017, a… Read More »