News & Analysis as of

Data Breach Health Insurance Portability and Accountability Act

Henry Ford Health System Notifies 18,000+ Patients of Health Data Breach

On December 6, 2017, Henry Ford Health System (HFHS) disclosed that health information of 18,470 patients may have been viewed or stolen. HFHS became aware of the incident on October 3, 2017 after employee credentials were...more

North Carolina DHS Notifies 6,000 of Data Breach of Drug Testing Information

The North Carolina Department of Health and Human Services has notified close to 6,000 individuals that a spreadsheet containing the names, Social Security numbers and test results for routine drug testing for employment,...more

Cottage Health Pays $2M to CA AG for Data Breach

Cottage Health, a three hospital health care system located in California has agreed to pay the California Attorney General’s Office $2 million to settle allegations that it failed to implement data security safeguards to...more

Healthcare Data Breaches Continue but Fell in October

The news about data breaches always seems to be dire lately. Some good news: data breaches in the healthcare industry were lower in October than in September, based upon reportable data breaches to the Office for Civil Rights...more

Global Privacy & Cybersecurity Update Vol. 16

by Jones Day on

UNITED STATES - Regulatory—Policy, Best Practices, and Standards - United States and China Renew Promise Not to Hack - On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

by Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

Maryland Data Breach Notification Law Updated: Effective 1/1/18

The Maryland Personal Information Protection Act has been updated and the new provisions are effective January 1, 2018. The new law expands the definition of personal information that is protected under the statute....more

Latest OCR Cybersecurity Newsletter Tackles Mobile Devices

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released its October Cybersecurity Newsletter last week with a focus on mobile devices. Given the amount of work conducted on mobile devices...more

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

Clinical trials Part II: Privacy, cybersecurity risks, and managing ePHI

by Thompson Coburn LLP on

The ongoing digitization of the drug and medical device industries continues, and, as a result, new considerations have come to the forefront for companies engaged in clinical trials. In Part 1 of this series, we described a...more

Data Privacy + Cybersecurity Insider - November 2017

by Robinson & Cole LLP on

US-CERT Warns of New Ransomware: Bad Rabbit - The U.S. Computer Emergency Readiness Team (US-CERT) is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated it has received multiple...more

OCR Notified of Patient Records Stored in Psychiatrist’s Basement

Paper records continue to be problematic. An Illinois psychiatrist reported to the Office for Civil Rights (OCR) that the medical records of 10,500 patients were stored in the basement of a house that he rented to an...more

Health Care E-Note - October 2017

by Burr & Forman on

Health care providers are constantly receiving requests for copies of patient medical records. Some requests come by way of the patient exercising his/her right to access his/her medical records, some come by way of patient...more

ALERT: Prepare to be Ransomed: A Primer on Legal Obligations Before and After Ransomware Strikes

by Pullman & Comley, LLC on

According to a recent U.S. Government Interagency report, ransomware is the fastest growing malware threat, targeting users of all types. An incredible 51 percent of respondents in a January 2017 study by the Ponemon...more

How Employers Can Become Experts at Data Breaches: Breaches involving employee health information

by Bryan Cave on

A large portion of the data breaches that occur each year involve human resource related information. Bryan Cave has put together a multi-part series to help human resource managers understand, prepare for, and react to, a...more

At least 473,074 Individuals’ Health Care Records Breached in September 2018

Unfortunately, September was another banner month for data breaches involving the health care industry. According to the Office for Civil Rights (OCR) website, 39 data breaches involving over 500 records were reported to the...more

Healthcare Cyber: House Inquiry Targets Medical Software

In its latest inquiry into cybersecurity risks in the healthcare sector, the House Energy and Commerce Committee last week requested a “formal briefing” from medical transcription vendor Nuance Communications, Inc. concerning...more

Business Associate Resold Fax Machine Containing PHI

Fax machines are still used in the medical community, and these days, faxing may be more secure than emailing as hackers have not yet cracked the task of hacking into old fax machines. All kidding aside, fax machines have...more

What to Do When You Find Yourself in the Data Breach Club

by Miles & Stockbridge P.C. on

In the wake of the latest massive data breach, this one involving Equifax, more and more companies are likely wondering what they should do in the event that they are faced with a data breach that exposes the personal data of...more

Arkansas Surgery Center Hit with Ransomware

Arkansas Oral & Facial Surgery Center (AOFSC) was recently hit with ransomware that shut down access to health information of its patients and rendered some of it imaging files, including X-rays of patient inaccessible....more

Don’t Forget HIPAA’s “Minimum Necessary” Rule When Making Health Information Disclosures

by Nossaman LLP on

When Covered Entities or Business Associates or their counsel analyze whether a particular disclosure of Protected Health Information (or “PHI,” as defined in HIPAA) is permissible, they should be sure also to analyze whether...more

McAfee Report Lists Health Care Sector as Most Targeted Industry for Cyber-Attacks

In its cyber security incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care sector as having suffered the most security incidents, which surpasses the public...more

State Data Breach Notification Laws

by Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

Data Privacy + Cybersecurity Insider - October 2017

by Robinson & Cole LLP on

McAfee Report Lists Health Care Sector as Most Targeted Industry for Cyber-Attacks - In its cybersecurity incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care...more

[Webinar] - Your Money or Your PHI: HHS "Guidance" on Ransomware - October 10th, 1:00pm CT

In recent years, HIPAA enforcement actions and penalties have increased both in volume and amount. Ransomware is the fastest growing malware threat to businesses that use electronic data. This webinar will provide listeners...more

571 Results
|
View per page
Page: of 23
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.