News & Analysis as of

Data Breach Protected Health Information

Partner Colin Zick Speaks to Bloomberg BNA about Cyberthreats and Healthcare Data

The federal government has identified two new cyberthreats that put patients’ personal data at risk for exposure. The threats, known as Spectre and Meltdown, exploit a vulnerability in many commercial computer chips...more

Hancock Health Hit with Ransomware That Shuts Down Network

It has been predicted that the healthcare industry will continue to be lambasted with ransomware in 2018. It has also been predicted that attackers will move from taking sensitive information hostage to sabotage, service...more

A Teachable Moment: Hospital Goes Public after Making Ransom Payment

It’s unusual for victims of ransomware to publicly acknowledge that they have paid hackers to go away. But a regional hospital in Indiana has made public its experience last week with a “sophisticated criminal group” as a...more

HIPAA Breach Reporting: 2017 Trends and Mends

by McGuireWoods LLP on

With 2017 having drawn to a close, it is once again time for HIPAA covered entities to complete their annual breach reporting obligations to the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”)....more

Causes of Healthcare Data Breaches

by Bryan Cave on

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Small Health Care Providers: Do You Really Know What Your IT Services Vendor is Providing to Secure Your Systems?

by BakerHostetler on

A small health care provider such as a physician office or clinic often will contract with an IT services vendor to meet overall IT needs to operate the business. A small health care provider may not have the resources and...more

Banner Health Class Action Claims Survive Motion to Dismiss

Wednesday, a federal district court in Arizona denied in part and granted in part Banner Health’s motion to dismiss class action claims arising from a 2016 data breach. ...more

OCR Warns Health Care Industry of Risks with Previous Employees

In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more

Henry Ford Health System Notifies 18,000+ Patients of Health Data Breach

On December 6, 2017, Henry Ford Health System (HFHS) disclosed that health information of 18,470 patients may have been viewed or stolen. HFHS became aware of the incident on October 3, 2017 after employee credentials were...more

North Carolina DHS Notifies 6,000 of Data Breach of Drug Testing Information

The North Carolina Department of Health and Human Services has notified close to 6,000 individuals that a spreadsheet containing the names, Social Security numbers and test results for routine drug testing for employment,...more

Cottage Health Pays $2M to CA AG for Data Breach

Cottage Health, a three hospital health care system located in California has agreed to pay the California Attorney General’s Office $2 million to settle allegations that it failed to implement data security safeguards to...more

Data Privacy + Cybersecurity Insider - November 2017 #4

by Robinson & Cole LLP on

Intel has confirmed it has a bug in its remote server management tool. The tool, known as Management Engine, permits administrators of IT systems to access devices remotely to apply updates or troubleshoot problems for users....more

Healthcare Data Breaches Continue but Fell in October

The news about data breaches always seems to be dire lately. Some good news: data breaches in the healthcare industry were lower in October than in September, based upon reportable data breaches to the Office for Civil Rights...more

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

by Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

Maryland Data Breach Notification Law Updated: Effective 1/1/18

The Maryland Personal Information Protection Act has been updated and the new provisions are effective January 1, 2018. The new law expands the definition of personal information that is protected under the statute....more

Data Privacy + Cybersecurity Insider - November 2017 #2

by Robinson & Cole LLP on

Michigan Governor Rick Snyder has signed into law the Cyber Civilian Corps Act, which established the Michigan Cyber Civilian Corps, dubbed MiC3. The corps has been in existence for three years but not statutorily deployed. ...more

A Question of Privilege: Court Wrestles With Attorney-Client and Work Product Issues in Data Breach Case

In a significant ruling addressing the scope of the attorney-client privilege and work product doctrine in a data breach case, a Federal judge in Oregon ordered Premera Blue Cross, the Washington-based healthcare services...more

Latest OCR Cybersecurity Newsletter Tackles Mobile Devices

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released its October Cybersecurity Newsletter last week with a focus on mobile devices. Given the amount of work conducted on mobile devices...more

Beazley Publishes Special Report on 2017 Healthcare Breaches

Beazley has published a report outlining data breaches in the first nine months of 2017. The report notes that the highest cause of a data breach in 2017 so far are unintended disclosures, which accounted for 41 percent of...more

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

Clinical trials Part II: Privacy, cybersecurity risks, and managing ePHI

by Thompson Coburn LLP on

The ongoing digitization of the drug and medical device industries continues, and, as a result, new considerations have come to the forefront for companies engaged in clinical trials. In Part 1 of this series, we described a...more

OCR Notified of Patient Records Stored in Psychiatrist’s Basement

Paper records continue to be problematic. An Illinois psychiatrist reported to the Office for Civil Rights (OCR) that the medical records of 10,500 patients were stored in the basement of a house that he rented to an...more

Health Care E-Note - October 2017

by Burr & Forman on

Health care providers are constantly receiving requests for copies of patient medical records. Some requests come by way of the patient exercising his/her right to access his/her medical records, some come by way of patient...more

ALERT: Prepare to be Ransomed: A Primer on Legal Obligations Before and After Ransomware Strikes

by Pullman & Comley, LLC on

According to a recent U.S. Government Interagency report, ransomware is the fastest growing malware threat, targeting users of all types. An incredible 51 percent of respondents in a January 2017 study by the Ponemon...more

At least 473,074 Individuals’ Health Care Records Breached in September 2018

Unfortunately, September was another banner month for data breaches involving the health care industry. According to the Office for Civil Rights (OCR) website, 39 data breaches involving over 500 records were reported to the...more

457 Results
|
View per page
Page: of 19
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.