Category Archives: Latest Posts

May 2022 Healthcare Data Breach Report

May 2022 saw a 25% increase in healthcare data breaches of 500 or more records. 70 data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) in May 2022, which is the highest monthly total this year and well above the 12-month average… Read More »

Vulnerabilities Identified in Welch Allyn Resting Electrocardiograph Devices

Hillrom Medical Device Management has announced that two vulnerabilities have been identified in certain Welch Allyn medical devices. If exploited the vulnerabilities could allow an unauthorized attacker to compromise software security by executing commands, gaining privileges, and reading sensitive information while evading detection. The vulnerabilities affect the following Hillrom products: Welch Allyn ELI 380 Resting… Read More »

HHS Offers Advice to Help Healthcare Organizations Strengthen Their Cyber Posture

The HHS’ Health Sector Cybersecurity Coordination Sector (HC3) has published guidance for healthcare organizations to help them improve their cyber posture. Cyber posture is the term given for the overall strength of an organization’s cybersecurity, protocols for predicting and preventing cyber threats, and the ability to continue to operate while responding to cyber threats. To… Read More »

Central Florida Inpatient Medicine Security Incident Affects Almost 198,000 Patients

Lake Mary, FL-based Central Florida Inpatient Medicine (CFIM) has recently discovered that the email account of an employee has been accessed by an unauthorized individual, who may have viewed emails and files containing patients’ protected health information. The substitute breach notice states that CFIM learned that the email account contained sensitive patient data on May… Read More »

Webinar: July 20, 2022: Compliance vs. Security: Why you Need Both to be HIPAA Compliant

Healthcare providers, health plans, healthcare clearinghouses, and business associates of those entities that come into contact with protected health information (PHI) are required to ensure policies, processes, and people are compliant with the Rules of the Health Insurance Portability and Accountability Act (HIPAA). Ensuring you have a good security posture is an important part of… Read More »

ONC and OCR Release Updated Security Risk Assessment Tool

The Department of Health and Human Services (HHS)’ Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) have released a new version of the HHS Security Risk Assessment (SRA) Tool. The HIPAA Security Rule requires HIPAA-regulated entities to conduct a comprehensive, organization-wide risk analysis to identify the… Read More »

Almost 1.3 Million Patients of Texas Tech University Health Sciences Center Affected by Eye Care Leaders Data Breach

Texas Tech University Health Sciences Center has confirmed that the protected health information of 1,290,104 patients was compromised in a data breach at its electronic medical record vendor, Eye Care Leaders. Eye Care Leaders said it detected a breach on Dec. 4, 2021, and disabled the affected systems within 24 hours. Texas Tech University Health… Read More »