Category Archives: Latest Posts

HIPAA Compliance for Hospitals

Discussing HIPAA compliance for hospitals in a single article is challenging. Not only is there so much to cover, but there are also many different types and sizes of hospitals. This means there is no one-size-fits-all guide to HIPAA compliance for hospitals, but rather checklists that can help hospitals cover the basics of the compliance… Read More »

HIPAA Compliance for Nurses

Generally, HIPAA compliance for nurses is considered to mean adhering to policies and procedures developed by an organization’s HIPAA Privacy Officer and applying the best practices of security awareness training provided by an organization’s HIPAA Security Officer. However, sometimes it is necessary to do more than provide basic training to help nurses work compliantly. Under… Read More »

Editorial: Lessons from Biggest HIPAA Breaches of 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. While it does not currently look like last year’s record of 714 data breaches of 500+ records will be exceeded this year, with 674 data… Read More »

November 2022 Healthcare Data Breach Report

November was a relatively quiet month for healthcare data breaches with 31% fewer breaches reported than the previous month. November’s total of 49 breaches of 500 or more records was also well below the 12-month average of 58 breaches a month. 643 healthcare data breaches have been reported to the HHS’ Office for Civil Rights so… Read More »

Six Data Breaches Reported by Healthcare Providers and Business Associates

Work Health Solutions, a San Jose, CA-based occupational health services provider, has confirmed that the protected health information of 13,157 individuals has been exposed and potentially obtained by unauthorized individuals who had access to an employee email account between February 16, 2-022 and March 24, 2022. Following an investigation by third-party cybersecurity professionals, Work Health… Read More »

Critical Citrix ADC and Gateway Vulnerability Exploited in Attacks on Healthcare Organizations

Citrix Application Delivery Controller (ADC) and Citrix Gateway users have been urged to check to make sure that their systems are not vulnerable to a critical unauthenticated remote code execution vulnerability, which is being actively exploited by a highly capable Chinese advanced persistent threat (APT) actor and potentially other state-sponsored hacking groups. Citrix ADC is… Read More »