With around 1.5 million users, Gmail is the most popular email service but can Gmail be used by healthcare organizations to send protected health information? Is it possible to make Gmail HIPAA compliant? Is Gmail HIPAA Compliant? In order for Gmail to be HIPAA compliant, Google would have to ensure that the email platform is… Read More »
It is becoming increasingly common for threat actors to use ransomware to encrypt files to prevent data access, but also to steal data and threaten to publish or sell on the stolen data if the ransom is not paid. This new tactic is intended to increase the likelihood of victims paying the ransom. The Center… Read More »
HIPAA applies to healthcare providers, health plans, healthcare clearinghouses, and business associates of those entities but how does HIPAA apply to schools? In this post we explore when HIPAA applies to schools and how the Health Insurance Portability and Accountability Act intersects with the Family Educational Rights and Privacy Act (FERPA). Does HIPAA Apply to… Read More »
Alomere Health in Alexandria, MN is notifying almost 50,000 patients that some of their protected health information was potentially accessed by unauthorized individuals as a result of a phishing attack. Alomere Health learned about the phishing attack on November 6, 2019 and launched an internal investigation which confirmed the account was accessed by an unauthorized… Read More »
Portland, OR-based Native American Rehabilitation Association of the Northwest, Inc., (NARA), a provider of education, physical and mental health services and substance abuse treatment services to native Americans, is alerting certain individuals about a malware infection that has potentially allowed unauthorized individuals to gain access to their protected health information. NARA reports that the attack… Read More »
Healthcare industry data breaches are occurring more frequently than ever before. The healthcare data breach figures for 2019 have yet to be finalized, but so far 494 data breaches of more than 500 records have been reported to the HHS’ Office for Civil Rights and more than 41.11 million records were exposed, stolen, or impermissibly… Read More »
Last week, the Federal Bureau of Investigation (FBI) issued a flash alert warning private companies in the United States about the threat of attacks involving Maze ransomware. The warning came just a few days after the FBI issued an alert about two other ransomware variants, LockerGoga and MegaCortex. The Maze ransomware TLP: Green warning is… Read More »
The U.S. Department of Homeland Security has issued a warning about retaliatory cyberattacks following the military action in Iraq in which Iran’s top general, Major General Qasem Soleimani, was killed in a done strike. The U.S. Department of Defense issued a statement saying “General Soleimani was actively developing plans to attack American diplomats and service… Read More »
The U.S. Department of Justice (DOJ) has announced that a former employee of a New York City hospital has pleaded guilty to using malicious software to obtain the credentials of coworkers, which he subsequently misused to steal sensitive information. Richard Liriano, 33, of the Bronx, New York, was IT worker at the unnamed NYC hospital.… Read More »
A second lawsuit has been filed against Kalispell Regional Healthcare in Montana over a May 2019 phishing attack that saw the email accounts of some of its employees accessed by cybercriminals. Kalispell Regional Healthcare learned about the breach on August 28, 2019. The investigation revealed the hackers gained access to employee email accounts on May… Read More »