Ransom Paid for the Return of Patient Data

On May 28, 2021, Sturdy Memorial Hospital announced that it was targeted by a ransomware attack that compromised the protected health information of 57,400 patients. More details regarding the incident, and ransomware payment are discussed. How Did the Incident Occur? According to the breach notification posted on Sturdy Memorial Hospital’s website, they discovered a security incident that affected some of their IT [...]

2021-06-10T10:13:04-04:00June 10th, 2021|

4 Remote Working Security Tips: Protecting Patient Privacy in a Remote World

Although many businesses have returned to regular operations, there is still a large portion of workers that continue to work remotely, or work on a hybrid schedule. It seems as though this may continue for sometime, and for some companies, indefinitely. There can be a host of cybersecurity issues when staff members access company information while working remotely. So, how can you protect patient privacy in a remote [...]

2021-06-08T13:38:00-04:00June 8th, 2021|

Improper Patient Data Access Reported in ZocDoc Programming Error, Again

It was recently reported that the protected health information of 7,600 patients was exposed due to software programming errors. ZocDoc, a company that enables patients to self-schedule medical appointments through their online booking software, discovered a bug in their software that allowed improper access to patient data. More information on the improper patient data access is discussed. What Was the Programming Error [...]

2021-06-08T13:38:00-04:00June 4th, 2021|

OCR Settles 19th HIPAA Right of Access Case

Since 2019, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has brought a number of enforcement actions against healthcare providers for their failure to comply with the HIPAA Privacy Rule’s right of access standard. This standard requires providers to give patients timely access to their medical records. Recently, OCR announced its 19th settlement under its 2019 right [...]

2021-06-08T12:09:37-04:00June 2nd, 2021|

Is Carbonite HIPAA Compliant?

Is Carbonite HIPAA compliant? Carbonite is a software solution provider that offers data backup solutions, disaster recovery services, and endpoint protection. These are all security measures that must be implemented by covered entities and business associates to comply with HIPAA. But, does Carbonite offer a HIPAA compliant service? Find out below.  What Are HIPAA Required Data Backup and Disaster Recovery Plans? Carbonite offers both data backup and disaster [...]

2021-06-08T12:04:57-04:00May 27th, 2021|

2.6 Million Patients Affected by April Healthcare Breaches

Each month, we review the breaches occurring in the previous month to determine what the leading cause of that month’s breaches are. April healthcare breaches affected 2,623,378 patients, with the leading cause behind breaches listed as hacking incidents. There were 44 healthcare hacking incidents occurring in April 2021, affecting 2,260,008 patients, representing 86.15% of patients affected by April’s breaches. The second most common reason behind [...]

2021-05-27T16:58:30-04:00May 25th, 2021|

NIST Seeks Public Comment on Cybersecurity Resource Guide

In 2008, the National Institute of Standards and Technology (NIST) organization published guidance as to how covered entities and business associates were expected to implement HIPAA Security Rule requirements. At the end of April of 2021, the NIST organization announced that it is planning to update this cybersecurity guide. The NIST organization is seeking public comment as to what should be included in the new cybersecurity guide. The [...]

2021-06-02T12:08:05-04:00May 20th, 2021|

Is Citrix ShareFile HIPAA Compliant?

Citrix’s ShareFile touts itself as, “the secure file sharing and transfer service that's built for business.” But, is Citrix ShareFile HIPAA compliant? Read below if they follow HIPAA compliant file sharing. Why Does it Matter if Citrix ShareFile is HIPAA Compliant? Under HIPAA, any software provider that has the potential to access protected health information (PHI) is considered [...]

2021-06-02T12:00:35-04:00May 18th, 2021|

Healthcare Groups Push Back on Proposal to Modify HIPAA Privacy Rule

In January of 2021, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (Notice) to modify the HIPAA Privacy Rule. HHS has proposed to modify the Privacy Rule right of access provision by (among other measures) requiring providers, at an individual’s request, to mail or electronically transmit PHI to or through the individual’s personal health application (PHA). HHS seeks to define PHAs as [...]

2021-05-21T12:03:22-04:00May 14th, 2021|

7 Tips to Improving Healthcare Security

Ransomware attacks continue to rise, especially those targeting healthcare organizations. Hackers often target healthcare organizations in ransomware attacks to disrupt operations in hopes that the organization will pay a ransom. Healthcare organizations are also targeted in data theft incidents because patient information can be extremely valuable on the black market. This is why it has never been more important to protect your organization by improving your healthcare security. [...]

2021-05-21T12:04:00-04:00May 11th, 2021|
Load More Posts