A database containing the personally identifiable information (PII) of more than 16,000 children has been exposed over the Internet and could be accessed without a password or any other form of authentication. The database was found by security researcher Jeremiah Fowler and the Website Planet team and was traced to Tridas Group LLC. Tridas Group… Read More »
The Department of Health and Human Services (HHS) and the Substance Abuse and Mental Health Services Administration (SAMHSA) have issued a Notice of Proposed Rulemaking (NPRM) detailing changes to the Confidentiality of Substance Use Disorder (SUD) Patient Records (42 CFR Part 2) and HIPAA to increase care coordination and better align Part 2 with the… Read More »
HIPAA Journal is conducting interviews with healthcare professionals and service providers to find out more about their compliance journeys, how the HIPAA Rules have affected their working lives, and the successes and challenges they have faced with HIPAA compliance. Kimberly Heimback, Compliance Officer, WNY BloodCare has shared her thoughts. Kimberly Heimback, Compliance Officer, WNY BloodCare.… Read More »
Woodlawn, MD-based Hope Health Systems Inc. (HHS) has recently announced that it was the victim of a ransomware attack. The attack was detected on June 20, 2022, and third-party forensics experts were engaged to investigate the incident and determine the scope of the attack. The investigation revealed an unauthorized third party first accessed its systems… Read More »
Amazon has launched a new service that connects patients with doctors – Amazon Clinic. This should come as no surprise given Amazon’s recent acquisitions and the company’s stated ambitions healthcare market. The new service promises to deliver convenience combined with affordability, but Amazon’s latest healthcare venture sets warning bells ringing about patient privacy. Amazon’s Journey… Read More »
An alarming number of websites used to deliver opioid addiction treatment and recovery services contain data sharing and privacy risks, according to a new report from the Opioid Policy Institute (OPI) and Legal Action Center (LAC). Addiction treatment and recovery services are increasingly delivered online and via mobile apps, with the websites handling multiple functions.… Read More »
Pennsylvania-based Gateway Rehabilitation Center (Gateway Rehab) has recently announced that it experienced “an incident disrupting access to certain systems.” The incident in question was detected by Gateway Rehab on June 13, 2022. Immediate action was taken to prevent further unauthorized access to its systems and a digital forensics firm was engaged to investigate the breach.… Read More »
It is now common for class action lawsuits to be filed in response to a healthcare data breach. While the theft of sensitive healthcare data can undoubtedly cause a great deal of inconvenience to victims of a data breach, for a lawsuit to stand a chance of success, the plaintiffs must allege they have suffered… Read More »
A group of 10 state Attorney Generals recently wrote to Apple CEO, Tim Cook, urging the company to implement stronger privacy and security controls for applications available through the Apple App Store that track, collect, store, or transmit reproductive health data. The letter was written by Matthew Platkin, Attorney General of New Jersey, and was… Read More »
Indiana-based Community Health Network is the latest healthcare provider to confirm that the protected health information of patients has been impermissibly disclosed to Meta/Facebook and Google due to the use of their tracking code on its websites. According to the breach report submitted to the HHS’ Office for Civil Rights, the protected health information of… Read More »