Beware. Hackers have graduated to using vishing attacks to target patients. Vishing attacks occur when hackers call patients disguising themselves as a trusted entity, such as a healthcare organization, prompting patients to share sensitive information over the phone. Spectrum Health is warning patients and Priority Health members of one such vishing attack. Spectrum Health Vishing Attack Spectrum received reports that patients and [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients on their online breach portal known colloquially as the “wall of shame.” In August, 2,219,347 patients were affected by these large-scale breaches (not counting breaches affecting less than 500 patients), with 37 breaches reported. More details on the August healthcare breaches are discussed below. August Healthcare Breaches: [...]
In September of 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced that it settled HIPAA Privacy Rule right of access violations with five separate healthcare entities. The total settlement with all five organizations amounts to $136,500. In each instance, the healthcare provider was fined, and ended up settling with OCR, for its failure to provide patients with timely access to [...]
A nurse at Clinton County Health Department claims she was recently fired for refusing to disclose the names and addresses of patients that had tested positive for COVID to the Clinton County Sheriff's Department. The reason the nurse refused to provide the information stemmed from HIPAA law which states that PHI cannot be disclosed outside of treatment, payment, or healthcare operations, without patient authorization. That raises the [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights recently issued guidance on when HIPAA applies to health information that a patient creates, manages, or organizes through the use of a health app. The guidance also covers the issue of when mobile health app developers might need to comply with the HIPAA Rules. When are Mobile Health App Developers [...]
Hennepin County Medical Center (HCMC), the facility that treated George Floyd, fired 13 employees for unauthorized access to patient medical records. More details are discussed below. Unauthorized Access to Patient Medical Records: What Happened HCMC recently discovered that the medical records of George Floyd were illegally accessed by employees of the organization. HCMC first discovered the breach during its routine review [...]
College students’ return to campus in the fall of 2020 has been a popular news item. At a number of schools, students have been disciplined, and in some cases, expelled, for violating rules requiring social distancing and prohibiting large gatherings. Coronavirus infections on campus have been traced to parties, social gatherings, and the fact that students and employees of colleges are all in close proximity. Shockingly, [...]
SendGrid is a communication platform used for email marketing, voice, text, chat, and video. As a healthcare organization, you may be looking for a communication platform that you can use for communicating patient’s protected health information (PHI). However, before using a software, you must consider whether or not the platform is HIPAA compliant. The question of, is SendGrid HIPAA compliant, is discussed below. [...]
It was recently discovered that advancements in search engine capability may pose a risk to PHI security. Researchers from American College of Radiology (ACR), Radiological Society of North America (RSNA), and Society for Imaging Informatics in Medicine (SIIM) warned healthcare professionals and radiologists of the risk of using medical images for educational purposes. How Can Search Engines Identify Medical Images Optical Character [...]
Utah Pathology Services and Dynasplint Systems are the latest victims of phishing attacks in healthcare. More details about the incidents are discussed below. Phishing Attacks in Healthcare: Utah Pathology Services Utah Pathology was targeted by hackers who used an employee’s email account to gain access to the healthcare organization’s network. On June 30, they discovered a breach when hackers tried to redirect [...]
Work with the fastest growing HIPAA compliance company!
Is Your Organization HIPAA Compliant?
Use Our Software & Get The Seal of Compliance!
Use Our Software & Get The Seal of Compliance!