Data Breach Electronic Medical Records

News & Analysis as of

The FTC Faces an Embarrassing Set-Back in its Data Security Enforcement Authority as the LabMD Saga Continues

On November 10th, the Eleventh Circuit Court of Appeals handed an embarrassing defeat to the Federal Trade Commission and an early Christmas present to LabMD, Inc. in the ongoing David and Goliath battle between the...more

Confusing Joint Guidance published by OCR and FTC on HIPAA Authorization Forms

There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more

Malware Attacks Against Healthcare Sector Rose 67 percent in Q3 of 2016

The NTT Security Q3 Quarterly Threat Intelligence Report states that the healthcare industry is the fifth most targeted industry for ransomware (behind financial services, retail, manufacturing and technology) for all cyber...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Central Ohio Urology Group Notifies 300,000 Patients of Breach

Approximately 300,000 patients of Central Ohio Urology Group have been notified that their protected health information has been stolen and posted online. Although the actual date of the hacking has not been released,...more

CryptoWall Ransomware Hits New Jersey Spine Center

The New Jersey Spine Center was hit with a variant of CryptoWall ransomware on July 27, 2016 that encrypted its electronic health record and its backup files. A double whammy....more

Additional Olympians’ Medical Records Hacked by Fancy Bear

We previously reported that several U.S. Olympians’ medical records were posted online by the Russian hacking group Fancy Bear. The World Anti-Doping Agency (WADA) has confirmed that the medical records of 25 more...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

Information From 700+ Patients Stolen from LAC+USC Medical Center

Los Angeles County-USC Medical Center (LAC+USC) has notified patients that the protected health information of over 700 patients seen in the LAC+USC neurosurgery clinic was stolen from an employee’s car. The information,...more

MedStar Health Cardiology Associates Employee Emails Patient Information to Personal Account and Gets Fired

MedStar Health Cardiology Associates, (“MedStar Cardiology”) affiliated with MedStar Health, which was recently in the news for a ransomware attack, discovered that an employee sent protected health information of 907...more

SCAN Health Plan Notifies Patients of Data Breach Affecting 87,000 Individuals

SCAN Health Plan of California, SCAN Health Plan Arizona, and VillageHealth are in the process of notifying certain plan members and non-plan members of a breach of protected health information, including names, addresses,...more

Orleans Medical Clinic Notifies 6,890 Patients of Data Breach

Orleans Medical Clinic (Orleans) in Indiana has notified the Office for Civil Rights that the protected health information of 6,890 patients was compromised as a result of an upgrade to its server. Orleans is in the process...more

Outer Banks Hospital Reports Breach of PHI In Loss of Two Thumb Drives

Everybody knows how much I hate USB and thumb drives. The latest scheme is for hackers to leave thumb drives in coffee shops, airports, office buildings, libraries and other public places. These USB and thumb drives contain...more

OCR: No privacy breach is too small

The Office for Civil Rights (OCR) HIPAA enforcement efforts are continuing to increase. This year, the OCR has already announced 10 HIPAA enforcement actions involving fines, which is a 67 percent increase from last year and...more

HIPAA Breaches: Size Doesn't Necessarily Matter

The U.S. Department of Health and Human Services Office of Civil Rights (OCR) made headlines this month with a record $5.55 million HIPAA settlement reached with Advocate Health Care System, Illinois’ largest health care...more

HSS Issues New Guidance on Ransomware Attacks Against HIPAA-Covered Entities

Ransomware attacks at hospitals and other healthcare facilities have dramatically increased over the last several years, putting healthcare providers in the uncomfortable position of having to consider paying thousands of...more

HIPAA Hat Trick: Security Violations Lead to Three Major Settlements

Look no further than the last three weeks for proof that HIPAA enforcement is on the rise. Failure to maintain the security of information systems containing patient information has cost healthcare providers over $10...more

Illinois Revises Data Privacy Statute

Earlier this year, Illinois enacted a number of changes to the Illinois Personal Information Protection Act (“PIPA”). The amendments to PIPA, among other things, expand the definition of personal information subject to...more

Athens Orthopedic Clinic’s EMR compromised by hackers using vendor’s log-in credentials

Athens Orthopedic Clinic in Georgia reported on July 25, 2016, that a hacker gained access to its electronic medical record system at the end of June using the log-in credentials of a third-party vendor....more

OCR’s Recent $2.7 Million Settlement with Oregon Health & Science University Highlights the Importance of HIPAA Compliance...

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Oregon Health & Science University (OHSU) recently entered into a resolution agreement to settle potential violations of HIPAA’s Privacy and...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Massachusetts General Hospital vendor Patterson Dental Supply reports breach of 4,300 patient records

Patterson Dental Supply, Massachusetts General Hospital’s (MGH) vendor that provides software to the hospital to manage dental practice information, has reportedly admitted that approximately 4,300 of MGH’s patient records...more

Data Security Safeguards Can Help Healthcare Employers Withstand Cyberattacks—and Government Audits

The last couple of years have brought a steady rain of bad news for the healthcare industry when it comes to data security: Insurers faced with massive data breaches affecting thousands of health plans and millions of...more

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Intermedix data breach class action case dismissed

We previously reported that Intermedix was sued in a class action lawsuit regarding the data breach involving millions of patient records....more

109 Results
|
View per page
Page: of 5
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×