Category Archives: Latest Posts

CISA Director Encourages All Organizations to Adopt FIDO Authentication

In a recent blog post, Jen Easterly, the Director of the Cybersecurity and Infrastructure Security Agency (CISA) explained that for Cybersecurity Awareness Month she has been traveling the country promoting cybersecurity best practices, explaining the steps that everyone can take to stay safe online, and stressing the importance of enabling multi-factor authentication on email accounts,… Read More »

Hacking, Database Misconfigurations, and Improper Disposal Incidents Reported

A round-up of healthcare data breaches that have recently been reported to the HHS’ Office for Civil Rights and State Attorneys General. Delaware Department of Health and Social Services – Database Misconfiguration The Delaware Department of Health and Social Services, Division of Developmental Disabilities Services (DDDS) has recently discovered a misconfiguration occurred when creating new… Read More »

Government Issues Warning to Healthcare Organizations About Daixin Team Extortion and Ransomware Attacks

A relatively new data extortion and ransomware gang known as Daixin team is actively targeting U.S. healthcare organizations, prompting a warning from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). Daixin Team first appeared on the radar in June 2022, with… Read More »

WakeMed Announces Meta Pixel-Related Breach Affecting 495,000 Patients

WakeMed Health and Hospitals, a health system with multiple healthcare facilities in metropolitan Raleigh, NC, has recently notified around 495,000 patients that some of their protected health information may have been impermissibly disclosed to Meta/Facebook due to the use of Meta Pixel tracking code on its website. The privacy violation was announced by the health… Read More »

Neurology MIND Care PLLC Confirmed as HIPAA Compliant

Neurology MIND Care PLLC, a private practice in Merrick, NY that specializes in cognitive behavioral neurology and dementia consultations, has recently been confirmed as having an effective HIPAA compliance program by Compliancy Group. The healthcare services provided by Neurology MIND Care naturally involve contact with patients’ identifiable protected health information, which requires compliance with the… Read More »

September 2022 Healthcare Data Breach Report

63 data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights in September, bringing an end to the downward trend in data breaches seen over the previous three months. September’s total was above the 12-month average of 59 breaches a month, with data breaches being reported at a rate… Read More »

When Can PHI be Disclosed?

Most sources of information answering the question when can PHI be disclosed refer to the standards of the HIPAA Privacy Rule that specify the required and permissible uses and discloses of PHI, and those that require the consent or authorization of the individual (§164.502 – §164.514). However, it is important to be aware that there… Read More »