Data Breach Healthcare

News & Analysis as of

EXPECT FOCUS: Onboard Technology, NAIC Cybersecurity, DOL, ACA Litigation, SEC Regulation (Vol. III, Summer 2015)

In This Issue: IN THE SPOTLIGHT - - Your Data Breach Collided With My Personal Injury Coverage LIFE INSURANCE - - Phantom Injury Dooms “Shadow Insurance” Case - Latest NAIC Cybersecurity News - A...more

Reports Instruct Office of Civil Rights to Increase HIPAA Enforcement Activities

On September 29, 2015, the Office of Inspector General (OIG) released two reports that reviewed the Office of Civil Rights’ (OCR) enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The...more

OCR announces launch of Phase 2 of HIPAA audits

Although the Office for Civil Rights (OCR) has indicated in the past that it would start its next round of HIPAA audits, apparently it means business now. In the wake of an Inspector General report that the OCR was merely...more

Evolving Litigation of Data Breach Claims

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

State Data Breach Notification Requirements Specifically Applicable to Insurers

Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised....more

Blog: Excellus is Latest in Line of BCBS Insurers Experiencing Cyberattack

Excellus, a BlueCross BlueShield (BCBS) provider servicing upstate New York, announced last week that it was the latest in a string of BCBS providers that experienced a data breach as a result of a cyberattack. CareFirst...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Advocate Health class action lawsuit trimmed

Last week, an Illinois judge dismissed with prejudice five of the six claims levied against Advocate Health Care in a consolidated case of ten cases filed against it following the data breach it experienced in July of 2013...more

How to Avoid and Respond to a Cybersecurity Breach

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

OCR settlement reiterates importance of proactive security rule compliance

On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more

Jury Clears UCLA Health in Lawsuit Stemming From Improper Access to PHI by Plaintiff’s Romantic Rival

A UCLA employee and patient now has celebrity-level security on her protected health information (PHI) as maintained by the UCLA Health system, but a jury denied her the $1.25 million in emotional distress damages she sought...more

DOD Adopts Interim Cyber Rules As Claims of Chinese Cyber Attacks Continue

U.S. officials have blamed Chinese government-backed attackers for many of the recent cyber attacks on U.S. government and business computer networks: “Researchers and government officials have determined that the Chinese...more

Crafting a more realistic business associate agreement

According to a recent survey by KPMG, eighty percent (80%) of health care executives report that their information technology systems have been compromised by cyber attacks. Most healthcare institutions, the survey found,...more

UCLA suffers another data breach

Last week, UCLA notified 1242 patients that their health information may have been compromised in July when a faculty member’s laptop was stolen. UCLA has notified the patients, the Office for Civil Rights and the California...more

10 million Excellus Blue Cross Blue Shield members’ information compromised

Yesterday, Excellus Blue Cross Blue Shield, located in Rochester, NY, announced that it will notify up to 10 million members that it was the victim of a cyber-attack dating back to December of 2013 that exposed their members’...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

Cybersecurity as a Regulatory Issue: The NAIC Considers The Anthem Breach And Weighs a “Cybersecurity Bill of Rights”

The Cybersecurity Task Force of the National Association of Insurance Commissioners (the “NAIC”) met last month, as part of on the NAIC’s 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the...more

Under the Dome: Inside the Maine State House

Under the Dome: Inside the Maine State House provides a high-level overview of recent activity at the Maine State House. House District 19 Special Election - On November 3, 2015 the citizens of Sanford can take...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

FDA issues first medical device hacking alert

Reportedly for the first time ever, the FDA recently issued a declaration that hospitals should not use a medical device manufactured by Hospira Inc. because of security flaws that could allow hackers to penetrate hospital...more

Data processing company hit with class action lawsuit for data breach and Judge denies class certification the next day

Advanced Data Processing, Inc. and Intermedix Corp. were sued in federal court in Florida last week for violating the Health Insurance Portability and Accountability Act (HIPAA) for failing to protect the health information...more

Second class action suit filed against Medical Informatics

We previously reported that Medical Informatics Engineering, Inc. was sued over a data breach that occurred in May and affected over 4 million individuals. Thereafter, Indiana AG Gregory Zoeller advised all Hoosiers to freeze...more

CareFirst BlueCross BlueShield sued for hacking incident

Not to be left out, plaintiffs filed suit against CareFirst BlueCross Blue Shield late last week for the hacking incident the insurer suffered in May, which resulted in unknown intruders gaining access to names, dates of...more

144 Results
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.