Category Archives: Latest Posts

210K MultiCare Health System and Woodcreek Healthcare Patients Affected by Ransomware Attack

The number of individuals affected by a ransomware attack on St. Cloud-based Netgain Technology LLC has increased, with a further 210,000 individuals now known to have been affected. Netgain Technology provides IT and technology services to several entities in the healthcare industry, including the medical practice management company Woodcreek Provider Service in Washington. Ramsey County… Read More »

FTC Urged to Enforce Breach Notification Rule When Fertility Tracking Apps Share User Data Without Consent

On March 4, 2021, Senator Robert Menendez (D-New Jersey), and Reps. Bonnie Watson Coleman (D-New Jersey) and Mikie Sherrill (D-New Jersey) wrote a letter urging the Federal Trade Commission (FTC) to start enforcing the Health Breach Notification Rule. The Federal Trade Commission (FTC) has a mandate to protect Americans from bad actors that betray consumer… Read More »

Virginia Consumer Data Protection Act Signed into Law

The Virginia Consumer Data Protection Act (CDPA) has been signed into law by Governor Ralph Northam. CDPA requires persons conducting business in the Commonwealth of Virginia to comply with new data privacy and security requirements. The CDPA comes into effect on January 1, 2023. The CDPA mirrors some of the privacy and security provisions of… Read More »

Two Employees Fired for Impermissible PHI Disclosures to Third Parties

Humana has discovered an employee of a subcontractor of a business associate impermissibly disclosed the protected health information of approximately 65,000 of its members to a third-party for training purposes. Cotiviti was contracted by Humana to provide assistance requesting medical records and used a subcontractor to review the requested medical records. Under HIPAA, subcontractors used… Read More »

PHI of More Than 100,000 Elara Caring Patients Potentially Compromised in Phishing Attack

Elara Caring, one the largest providers of home-based healthcare services in the United States, has suffered a phishing attack that has impacted more than 100,000 patients. In mid-December, suspicious activity was identified in some employee email accounts. Prompt action was taken to secure the accounts to prevent further unauthorized access and a third-party security firm… Read More »

Small and Medium Sized Practices Under Increased Pressure from Cyberattacks

2020 saw cyberattacks on healthcare organizations increase significantly. While large healthcare organizations are being targeted by Advanced Persistent Threat (APT) groups and ransomware gangs, there has also been a marked increase in attacks on small- to medium-sized healthcare organizations. A cyberattack on a large healthcare organization could allow the hackers to steal large quantities of… Read More »