Utah Valley Eye Center in Provo, UT is warning patients that some of their personal information may have been accessed by an unauthorized individual following a security breach of its scheduling reminder portal on June 28, 2018. The hacker obtained the email addresses of 5,764 patients and sent each a phishing email in an attempt… Read More »
The HHS has updated its HIPAA Security Risk Assessment Tool and has added several new features that have been requested by users to improve usability. The HIPAA Security Risk Assessment Tool was developed by the HHS Office of the National Coordinator for Health Information Technology (ONC) in collaboration with the HHS’ Office for Civil Rights.… Read More »
Prisma Health Midlands is notifying approximately 19,000 patients and 3,000 employees about a data breach involving the Palmetto Health website. Prisma Health – formerly Palmetto Health – learned on August 29, 2019 that an unauthorized individual had obtained the login credentials of a Prisma Health employee. Those credentials allowed the attacker to access the Palmetto… Read More »
Following a November 2016 cyberattack at Quest Diagnostics that resulted in an unauthorized individual accessing and stealing the personal information and medical test results of 34,000 individuals, a class action lawsuit was filed by the breach victims. Quest Diagnostics proposed a $195,000 settlement to resolve the case. The settlement has recently been approved by a… Read More »
HIPAA Manuals, Is it Enough? Remember Windows 95? That operating system was released by Microsoft roughly one year before HIPAA became the law of the land. In the mid 1990s, the Internet was in its infancy. “Social media” did not exist as we know it. Web commerce was a gleam in its creators’ eyes (the… Read More »
Salt Lake City, OH-based Smith’s Food & Drug has announced that the pharmacy records of around 58,000 patients have been disposed of in an improper manner. The improper disposal incident was discovered by the grocery and drug store chain on August 29, 2019 and affected customers of its store at 4600 East Sunset Road in… Read More »
Healthcare data breaches lead to a reduction in the quality of care provided to patients, according to a study recently published in Health Services Research. Researchers analyzed data from Medicare Compare which details quality measures at hospitals. Data from 2012-2016 was analyzed and compared with data from the HHS’ Office for Civil Rights on data… Read More »
St Louis, MO-based Betty Jean Kerr People’s Health Centers experienced a ransomware attack on September 2, 2019 that prevented staff at its health centers from accessing certain types of patient, provider, and employee information. The security incident was detected on September 3 and law enforcement was notified. A ransom demand was received, but the decision… Read More »
Integrated Technology Group, a leading healthcare-industry focused managed service provider (MSP) in the Central Virginia region, has achieved HIPAA compliance with Compliancy Group and has demonstrated its policies and procedures are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules and the requirements of the HITECH Act. Integrated Technology Group is primarily… Read More »
A recent study conducted by the password manager provider LastPass has revealed only 57% of businesses use multi-factor authentication, even though it is one of the best ways of ensuring stolen credentials cannot be used to gain access to email accounts and corporate networks. Multi-factor authentication requires a second factor to authenticate users in addition… Read More »