The Government Accountability Office (GAO) has recommended that the Department of Health and Human Services (HHS) establish a feedback mechanism to improve the effectiveness of its data breach reporting process. The Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the American Recovery and Reinvestment Act of 2009, called for the Secretary of… Read More »
Multiple class action lawsuits have been filed against the Seattle-based Hearst Health subsidiary, MCG Health, over a data breach that has affected at least 10 healthcare organizations including Indiana University Health, Lenoir Health Care, Phelps Health, and Jefferson County Health Center. The data breach was reported to the HHS’ Office for Civil Rights on June… Read More »
HIPAA Journal has partnered with The Compliancy Group to provide a HIPAA compliance checklist. Complete the form below to view the checklist immediately. The post Free HIPAA Compliance Checklist appeared first on HIPAA Journal.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory for the healthcare and public health sector warning about three high-severity vulnerabilities in OFFIS DCMTK software. The software is used for examining, constructing, and converting DICOM image files, handling offline media, and sending and receiving images over a network connection. The vulnerabilities affect… Read More »
Podium, a Lehi, UT-based Software-as-a-Service company that provides business text messaging solutions for local businesses, has achieved HIPAA compliance with Compliancy Group. Podium is redefining the way patients interact with their local healthcare businesses. Through Podium’s robust business text messaging platform, healthcare organizations can text patient leads and current patients, leverage bulk texting for providing… Read More »
Earlier this month, a draft bipartisan bicameral bill was introduced that seeks federal data privacy and protection regulations, which would replace the current patchwork of data privacy laws in different U.S. states. The American Data Privacy and Protection Act (ADPPA) was introduced by Energy and Commerce Committee Chair Frank Pallone, (D-NJ), Ranking Member Cathy McMorris… Read More »
Patient Information Potentially Compromised in Atrium Health Phishing Attack A phishing incident has been reported by Charlotte, NC-based Atrium Health that exposed the protected health information of 6,695 patients who used its home health service, Atrium Health at Home. On April 7, 2022, an employee responded to a phishing email and disclosed credentials for an… Read More »
University of Pittsburgh Medical Center has agreed to settle a class action data breach lawsuit and will make $450,000 available to cover claims from individuals who have suffered losses due to the theft and misuse of their protected health information. The data breach affected approximately 36,000 patients and saw their protected health information accessed and… Read More »
A lawsuit has been filed against Meta that alleges the social media giant has been knowingly collecting patient data from hospital websites via the Meta Pixel tracking tool, and in doing so has violated the privacy of millions of patients. The lawsuit was filed in the U.S. Northern District of California and alleges violations of… Read More »
PHI of Almost 69,000 Individuals Compromised in Hacking Incident at Comstar Comstar, a Rowley, MA-based provider of ambulance billing, collection, ePCR Hosting, and client/patient services, has discovered an unauthorized third-party gained access to some of its servers which housed files that contained individuals’ personally identifiable and protected health information. Some of those files were confirmed… Read More »