August 2021 Healthcare Data Breach Report

There was a 44% month-over-month decrease in the number of reported healthcare data breaches in August 2021. 38 healthcare data breaches of 500 or more records were reported by healthcare providers, health plans, and their business associates in August. August’s reported data breaches takes the total number of healthcare data breaches in the past 12… Read More »

Alaska DHSS Says May 2021 Cyberattack Impacts All Alaskans

The Alaska Department of Health and Social Services (DHSS) is about to start mailing notification letters to all individuals in the state telling them their personal and health information may have been compromised in a highly sophisticated cyberattack conducted by a nation state threat actor. The cyberattack was detected on May 2, 2021 and the… Read More »

Hacked Simon Eye Management Email Accounts Contained PHI of More than 144,000 Patients

Wilmington, DE-based Simon Eye Management has suffered a breach of its email environment and hackers potentially gained access to the protected health information of 144,373 patients. Simon Eye identified suspicious activity in certain employee email accounts on or around June 8, 2021. Action was immediately taken to secure the accounts and prevent further unauthorized access,… Read More »

Stolen Laptop Contained the PHI of Dignity Health Patients

Resource Anesthesiology Associates (RAA) of California has started notifying certain patients of Dignity Health’s Mercy Hospital Downtown and Mercy Hospital Southwest that some of their protected health information was stored on a laptop computer that has been stolen. RAA of California provides anesthesiology services at the Dignity Health hospitals, which requires access to patient data.… Read More »

36,500 Patients of Austin Cancer Centers Notified About PHI Exposure

Austin Cancer Centers is alerting 36,503 patients about a security incident discovered on August 4, 2021 in which some of their protected health information was exposed. Unauthorized individuals were discovered to have gained access to computer systems and installed malware. To prevent further unauthorized access, computer systems were immediately shut down and law enforcement was… Read More »

Webinar September 22: Do I Need to be HIPAA Compliant?

“Covered Entities” are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). Covered entities are healthcare providers, health plans, and healthcare clearinghouses, which must ensure they are fully compliant with the HIPAA Privacy, Security, Omnibus, and Breach Notification Rules. There is a common misconception that HIPAA only applies to these entities, when… Read More »