Author Archives: Blog HIPAA

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

The Nashville, TN-based health system, Advent Health Partners, has proposed a $500,000 settlement to resolve claims related to a September 2021 data breach involving the protected health information of 61,072 patients. Advent Health Partners detected a breach of its email environment in early September 2021. The investigation confirmed hackers had access to, and potentially stole,… Read More »

Louisiana Health Systems Sued for Pixel-Related Disclosures of Patient Information

Two Louisiana health are being sued over the use of pixels on their websites, which allegedly captured and impermissibly disclose patient data to third parties such as Facebook and Instagram. New Orleans-based LCMC Health System operates 9 hospitals in Southern Louisiana and Shreveport-based Willis-Knighton Health System operates 5 hospitals in Northwestern Louisiana. Both health systems are… Read More »

mscripts Cloud Storage Misconfiguration Exposed PHI for 6 Years

The mobile pharmacy solution provider, mscripts, has recently announced that a misconfiguration of its cloud storage environment has exposed client data online for the past 6 years. The misconfiguration was detected and remediated on November 18, 2022, with the third-party forensics investigation confirming the cloud storage environment had been unsecured since September 30, 2016. A… Read More »

Rise Interactive Media & Analytics, DotHouse Health, and Reventics Hacked

Rise Interactive Media & Analytics, LLC The Illinois-based digital marketing agency, Rise Interactive Media & Analytics, LLC, has recently confirmed that hackers gained access to its digital environment on November 14, 2022, and potentially accessed or exfiltrated the data of some of its clients. Rise Interactive has reported the breach to the Department of Health and… Read More »

PHI Compromised in 4 Recent Ransomware and Malware Attacks

Teijin Automotive Technologies Says Welfare Plan Data Compromised in December Ransomware Attack Teijin Automotive Technologies has recently confirmed the protected health information of 25,464 members of its welfare plan has potentially been accessed and stolen in a December 1, 2022, ransomware attack. Teijin Automotive Technologies has been transparent about the attack and its cause, confirming… Read More »

HC3 Issues DDoS Guide for the Healthcare Sector

The Health Sector Cybersecurity Coordination Center (HC3) at the Department of Health and Human Services has issued a DDoS guide for the healthcare sector that includes information on the threat and recommended mitigations to limit the severity and impact of DDoS attacks. Distributed-Denial-of-Service (DDoS) attacks are a type of resource exhaustion flooding attack that involves… Read More »

Electromed Proposes $825,000 Class Action Data Breach Settlement

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The attack was detected and blocked by Electromed on June 16, 2021, and the forensic investigation confirmed that files were accessed – and potentially… Read More »