For the fourth successive month, the number of reported healthcare data breaches has fallen. In March 2022, 43 healthcare data breaches of 500 or more records were reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR), which is a 6.52% fall from February and well below the 12-month average… Read More »

Immediate intervention following an instance of unauthorized access to protected health information (PHI) by a healthcare employee is 95% effective at preventing repeat offenses, according to a new study published in JAMA Open Network. Healthcare data breaches are occurring at record levels, and while large data breaches are often the result of hacking and other… Read More »

Indiana-based Deaconess Health System and Blue Earth County in Minnesota have notified individuals that sensitive personal information has been accessed by employees without authorization. Deaconess Health System Notifies Female Patients About Unauthorized Medical Record Access by Physician A physician formerly employed by Deaconess Health System in Evansville, IN, has been discovered to have accessed the… Read More »

Newman Regional Health (NRH), which operates a 25-bed critical access hospital in Emporia, KS, has recently started notifying 52,224 patients that unauthorized individuals have gained access to certain employee email accounts that contained protected health information. NRH explained on its website that a limited number of employee email accounts were accessed by unauthorized individuals over… Read More »

Urgent Team Holdings, which operates more than 70 urgent care and walk-in centers in Alabama, Arkansas, Georgia, Mississippi, and Tennessee, has recently notified 166,601 patients that some of their protected health information may have been obtained by unauthorized individuals in a November 2021 cyberattack. Urgent Team said it discovered its network had been compromised between… Read More »

The notorious cybercrime ZLoader botnet, which was used to deliver Ryuk ransomware in attacks on healthcare providers, has been disabled by Microsoft’s Digital Crimes Unit (DCU). Microsoft recently obtained a court order from the United States District Court for the Northern District of Georgia authorizing the seizure of 65 hard-coded domains used by the ZLoader… Read More »

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that was reported to the Department of Health and Human Services on March 28, 2022. The incident involved the exposure and potential theft of the protected health information of 318,400 patients, including names, addresses, birth dates… Read More »

Five zero-day vulnerabilities have been identified in Aethon TUG autonomous mobile robots, which are used in hospitals worldwide for transporting goods, medicines, and other medical supplies. Hospital robots are attractive targets for hackers. If access to the robots is gained, a variety of malicious actions could be performed. Attackers could trigger a denial-of-service condition to… Read More »

Resources for Human Development Reports Breach Affecting 46,673 Individuals The Philadelphia, PA-based national human services nonprofit organization, Resources for Human Development (RHD), has recently confirmed that a hard drive containing the protected health information of 46,673 individuals has been stolen. The theft occurred on or around January 27, 2022, and was discovered by RHD on… Read More »

The integrated software communication organization, KrypticMED, has recently demonstrated compliance with the standards of the Health Insurance Portability and Accountability Act (HIPAA) and has been confirmed as having implemented an effective HIPAA compliance program. KrypticMED’s platform is used by skilled nursing facilities and other health institutes to improve communication. Critical information is shared through the… Read More »