Most dental practices are HIPAA-covered entities and are required to comply with the provisions of the Health Insurance Portability and Accountability Act (HIPAA). Patients are increasingly aware of the need for HIPAA compliance, and with cyberattacks on the healthcare industry increasing, full compliance with the HIPAA Rules has never been more important. To ensure that… Read More »
The HHS’ Office for Civil Rights (OCR) is continuing with its enforcement of compliance with the HIPAA Right of Access and has recently announced a further 5 financial penalties. The HIPAA Right of Access enforcement initiative was launched in the fall of 2019 in response to a significant number of complaints from patients who had… Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has published new guidance for enterprises to help them secure mobile devices and safely access enterprise resources using mobile devices. The Enterprise Mobility Management (EMM) system checklist has been created to help businesses implement best practices to mitigate vulnerabilities and block threats that could compromise mobile devices and… Read More »
Sacramento, CA-based One Community Health has recently notified patients that its systems were compromised between April 19 and April 20, 2021. An unauthorized individual was discovered to have gained access to systems containing the personal and protected health information of certain employees and patients. A comprehensive forensic investigation was conducted by a third-party cybersecurity firm… Read More »
Sarasota MRI, Consociate Health, and Upstate Homecare have recently notified regulators and patients about security incidents involving personal and protected health information. Upstate Homecare Notifies 5,100 Patients About Ransomware Attack The Albany, NY-based home healthcare provider, Upstate Healthcare, has notified 5,114 patients about a recent ransomware attack in which patient data was stolen. It is… Read More »
A class action lawsuit filed against West Virginia University Health System over a breach of the protected health information of 7,445 patients has had the class certification order lifted by the Supreme Court of Appeals of West Virginia. The lawsuit is related to an insider data breach that occurred in 2016. Between March 2016 and… Read More »
A former employee of Huntington Hospital in New York has been charged with a criminal HIPAA violation over the unauthorized accessing of 13,000 patient records. The employee worked the night shift at the hospital impermissibly accessed the medical records of patients between October 2018 and February 2019. The types of information viewed by the employee included… Read More »
Retinal Consultants Medical Group, ACE Surgical Supply, and Three Rivers Regional Commission have recently reported cyberattacks in which the protected health information of patients may have been obtained by unauthorized individuals. Retinal Consultants Medical Group Hacking Incident Affects 11,603 Patients Vitreo-Retinal Medical Group Inc., dba Retinal Consultants Medical Group, says it was the victim of… Read More »
The Health Insurance Portability and Accountability Act requires HIPAA-covered entities and their business associates to complete a risk assessment to identify all risks to the confidentiality, integrity, and availability of ePHI. Not only is a risk assessment required for compliance, it allows organizations to identify and address risks before they can be exploited, thus helping… Read More »
Perkasie, PA-based TriValley Primary Care has started notifying 57,596 patients that some of their personal and protected health information has potentially been compromised. Suspicious activity was detected in its IT environment on October 11, 2021. Steps were immediately taken to secure its systems and prevent further unauthorized access, and third-party forensic experts were engaged to… Read More »