A Florida specialty pharmacy is facing a class action lawsuit over an October 2021 cyberattack in which the personally identifiable information (PII) and protected health information (PHI) of up to 350,000 patients were stolen. Altamonte Springs, FL-based BioPlus Specialty Pharmacy Services said a hacker had access to its network from October 25, 2021, until November… Read More »
Fertility Centers of Illinois (FCI) has recently notified 79,943 current and former patients that some of their protected health information may have been viewed or obtained by unauthorized individuals. FCI identified suspicious network activity on February 1, 2021, and took prompt action to secure its systems. Independent forensic investigators were then engaged to determine the… Read More »
The Rhode Island Public Transit Authority (RIPTA) has recently notified the Department of Health and Human Services’ Office for Civil Rights about a data breach involving the protected health information (PHI) of 5,015 members of its group health plan. RIPTA explained in a breach notice on its website that the cyberattack was detected and blocked… Read More »
The year has started with a major breach report from Broward Health in Florida, which has recently started notifying more than 1.3 million patients and employees about a data breach that occurred on October 15, 2021. A hacker gained access to the Broward Health network through the office a third-party medical provider that had been… Read More »
Nampa, Idaho-based Saltzer Health has started notifying certain patients that some of their protected health information (PHI) has been exposed in an email account breach that was detected on June 1, 2021. The investigation revealed an unauthorized individual had access to an employee’s email account between May 25, 2021, and June 1, 2021. Saltzer Health… Read More »
The most common HIPAA violations that have resulted in financial penalties are the failure to perform an organization-wide risk analysis to identify risks to the confidentiality, integrity, and availability of protected health information (PHI); the failure to enter into a HIPAA-compliant business associate agreement; impermissible disclosures of PHI; delayed breach notifications; and the failure to… Read More »
The latest article in our HIPAA basics series answers the question what is protected health information? The Health Insurance Portability and Accountability Act (HIPAA) requires covered entities to implement safeguards to ensure the confidentiality, integrity, and availability of protected health information, but what is protected health information? First, it is worthwhile explaining two other important… Read More »
The Healthcare Supply Chain Association (HSCA) has issued guidance for healthcare delivery organizations, medical device manufacturers, and service suppliers on securing medical devices to make them more resilient to cyberattacks. The use of medical devices in healthcare has grown at an incredible rate and they are now relied upon to provide vital clinical functions that… Read More »
The largest healthcare data breaches of 2021 rank as some of the worst of all time. In this post, we summarize some of the most serious data breaches to be reported in what has turned out to be another record-breaking year. The Department of Health and Human Services’ Office for Civil Rights’ breach portal shows… Read More »
The Bradenton, FL-based gastroenterology healthcare provider Florida Digestive Health Specialists (FDHS) has recently started notifying more than 212,000 patients that some of their protected health information has been exposed in a December 2020 cyberattack. Notification letters were sent to affected individuals on December 27, 2021, by attorney Jason M. Schwent of Clark Hill. The letters… Read More »