Howard University College of Dentistry discovered on September 3, 2021, that unauthorized individuals had gained access to its network and used ransomware to encrypt files. An announcement was made by the university shortly after the attack that it had been forced to cancel online and hybrid classes while its systems were restored, and that a… Read More »
Tt has been several years since new HIPAA regulations have been introduced but that is likely to change very soon. The last update to the HIPAA Rules was the HIPAA Omnibus Rule changes in 2013, which introduced new requirements mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act. There are, however,… Read More »
A high severity vulnerability has been identified in certain Hillrom Welch Allyn Cardio products that allows accounts to be accessed without a password. The vulnerability is an authentication bypass issue that exists when the Hillrom cardiology products have been configured to use single sign-on (SSO). The vulnerability allows the manual entry of all active directory… Read More »
SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series remote access appliances that fixes 8 vulnerabilities including 2 critical and 4 high-severity flaws. Vulnerabilities in SonicWall appliances are attractive to threat actors and have been targeted in the past in ransomware attacks. While there are currently no known cases of the… Read More »
The Health Insurance Portability and Accountability Act requires HIPAA-covered entities and their business associates to complete a risk assessment to identify all risks to the confidentiality, integrity, and availability of ePHI. Not only is a risk assessment required for compliance, it allows organizations to identify and address risks before they can be exploited, thus helping… Read More »
A medical biller in the Tampa Bay area of Florida has pleaded guilty to four counts of healthcare fraud, four counts of aggravated identity theft, two counts of failing to file a tax return, and one count of filing a false tax return. Joshua Maywalt, 40, of Tampa, worked as a medical biller at a… Read More »
The University of Houston College of Optometry has discovered an unauthorized individual from outside the United States gained access to the network of an affiliated eye clinic and stole information contained in the clinic’s database. The Community Eye Clinic in Fort Worth, TX, is managed and administered by UH College of Optometry. Security staff identified… Read More »
On October 11, 2021, Perkasie, PA-based TriValley Primary Care discovered ransomware had been installed on its networks and servers, which contained the protected health information of some of its patients. Action was quickly taken to secure its systems and prevent further unauthorized access and third-party cybersecurity experts were engaged to assist with the investigation. The… Read More »
Seattle, WA-based Sound Generations has announced that unauthorized individuals have gained access to its internal systems and have used ransomware to encrypt files. Sound Generations is a nonprofit that helps older adults and adults with disabilities obtain free to low-cost healthcare resources. The organization is the largest provider of comprehensive services for aging adults in… Read More »
Three healthcare providers have recently reported security breaches involving the email accounts of employees, resulting in the exposure and potential theft of the protected health information of more than 40,000 individuals. Saltzer Health Saltzer Health identified a breach of its email environment on June 1, 2021. Steps were promptly taken to prevent further unauthorized access,… Read More »