Category Archives: Latest Posts

Wisconsin Department of Health Services Reports Breach of 12,000 Records

A round-up of healthcare data breaches that have recently been reported to the HHS’ Office for Civil Rights, state attorneys general, and the media. Wisconsin Department of Health Services: Accidental Disclosure of PHI via Email The Wisconsin Department of Health Services (DHS) has recently confirmed that there has been an accidental disclosure of protected health… Read More »

Editorial: How Does HIPAA Improve Healthcare?

Questions are often sent to HIPAA Journal about the Health Insurance Portability and Accountability Act, one of which is how HIPAA has improved healthcare. In this article, I explain some of the main ways that healthcare has been improved by HIPAA for healthcare providers, health plans, and patients. How Does HIPAA Improve Healthcare? There has… Read More »

Email Breach at CSI Laboratories Impacts Almost 245,000 Patients

Cytometry Specialists, Inc., doing business as CSI Laboratories in Alpharetta, GA, has recently announced that the email account of an employee has been accessed by an unauthorized individual, who may have viewed or obtained the protected health information of 244,850 patients. CSI Laboratories is a leading cancer testing and diagnostics laboratory that serves pathologists, oncologists,… Read More »

Netwalker Ransomware Affiliate Sentenced to 20 Years in Jail

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. Netwalker is a ransomware-as-a-service (RaaS) operation where affiliates are recruited to conduct attacks and deploy ransomware in exchange for a cut of the ransom payments they… Read More »

Mon Health Faces Class Action Lawsuit Over 493K Record Data Breach

Mon Health is facing a class action lawsuit over a hacking incident that allowed unauthorized individuals to gain access to its network for an 11-day period in December 2021. Mon Health said it detected the breach on December 30, 2021, with the forensic investigation determining hackers accessed its network between December 9 and December 19.… Read More »

Advisory Issued About BD Totalys MultiProcessor Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a medical advisory about a recently discovered vulnerability that affects the BD Totalys MultiProcessor, which is used by hospitals and labs for processing clinical tissue specimens. The vulnerability is due to the use of hard-coded credentials, which could allow an attacker with access to a vulnerable… Read More »

NIST Urged to Make HIPAA Security Rule Implementation Guidance More Usable by Small Providers

The Health Sector Coordinating Council (HSCC) has urged the National Institute for Standards & Technology to provide tailored guidance for smaller and lesser-resourced healthcare organizations on implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, and makes several other recommendations to improve the utility of its new HIPAA Security Rule implementation guidance. Background… Read More »