News & Analysis as of

Personally Identifiable Information Healthcare Data Breach

Health Care Compliance Association (HCCA)

Privacy Briefs: July 2024

Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more

Ballard Spahr LLP

2024 HIPAA Developments

Ballard Spahr LLP on

Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more

Whiteford

Client Alert: What You Need to Know About the FTC’s Changes to the Health Breach Notification Rule and How to Comply

Whiteford on

The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more

Wyrick Robbins Yates & Ponton LLP

Don’t Call It a Breach Rule: FTC Health Breach Notification Rule Has Been Here for Years, Now Updated to Serve as a Backdoor...

As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more

Seyfarth Shaw LLP

Keeping with the Times - FTC Expands Scope of Health Breach Notification Rule, Even as HHS Announces Its Own HIPAA Update

Seyfarth Shaw LLP on

On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Carlton Fields

Change Healthcare Cyberattack Emphasizes Importance of Cybersecurity Readiness; Considerations for Hardening Your Cybersecurity...

Carlton Fields on

As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more

Health Care Compliance Association (HCCA)

Privacy Briefs: February 2024

The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more

Ballard Spahr LLP

HIPAA Breach Notifications – A Question of Timing

Ballard Spahr LLP on

You are the HIPAA privacy official of a hospital or health plan (a covered entity under HIPAA). You receive an email from a vendor that handles protected health information (a business associate), informing you that one month...more

Health Care Compliance Association (HCCA)

Privacy Briefs: December 2023

Report on Patient Privacy 23, no. 12  (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Sheppard Mullin Richter & Hampton LLP

FTC Looks to Update Health Breach Notification Rule, Targeting Digital Health Industry

The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more

Kohrman Jackson & Krantz LLP

Federal Court Rules No Common Law Duty to Prevent or Respond to Data Breaches

Like most healthcare entities, Indiana’s Trinity Health collects, stores, maintains and uses a large volume of particularly sensitive information about patients and others, including Personally Identifiable Information (PII)...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2023

Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2023

Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more

Sheppard Mullin Richter & Hampton LLP

States Catch Health Care Entities Taking the Bait in Phishing Attacks

The State Attorneys General in New York and New Jersey recently settled with four companies over alleged HIPAA noncompliance following phishing attacks. The New Jersey settlements were brought against three NJ-based cancer...more

Wyrick Robbins Yates & Ponton LLP

App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach...

Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an...more

Foley & Lardner LLP

COVID-19: HHS Permits Business Associates to Use and Disclose PHI for Public Health and Health Oversight Purposes Without Amending...

Foley & Lardner LLP on

The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more

Stoel Rives - Global Privacy & Security Blog®

Trickbot and Emotet Financial Malware Now Attacking the Healthcare Industry

In a recent Cybercrime Tactics and Techniques Report focusing on the health care industry, cybersecurity company Malwarebytes discovered a significant 82% spike in Trojan malware attacks on health care organizations in Q3...more

Robinson+Cole Data Privacy + Security Insider

Jackson Health System Fined by OCR for $2.15 Million

The Office for Civil Rights (OCR) announced on October 23, 2019, that Jackson Health System (“Jackson”), a not for profit hospital system comprised of six hospitals, urgent care centers, nursing facilities and primary care...more

Robinson+Cole Data Privacy + Security Insider

Dental Practice Pays $10,000 Fine to OCR for Disclosing PHI on Social Media

Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more

McDermott Will & Emery

Collaborative Transformation - Focus on Innovation Centers - Avoiding Pitfalls in Data-Focused Collaborations, Ventures and...

McDermott Will & Emery on

There are myriad opportunities for hospitals and health systems (HHSs) to engage in data-focused collaborations with other stakeholders in the healthcare industry. These collaborations include, to an increasing extent,...more

Robinson+Cole Data Privacy + Security Insider

Ransomware Attacks Double in 2019: Medical Providers Can’t Recover and Shut Down

Consistent with our experience, security firm McAfee has confirmed in a report that ransomware attacks have doubled in 2019. Medical providers have been hit hard this year, and one provider, Wood Ranch Medical, located in...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - September 2019

Robinson & Cole LLP on

The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more

Robinson+Cole Data Privacy + Security Insider

July 2019 Ranks Highest in History for Healthcare Data Breaches

July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected a total of more than 500 records reported to the Office for Civil Rights (OCR) according to HIPAA Journal. ...more

123 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide