Average Cost of Healthcare Data Breach $4.62 Million

Each year, IBM Security and Ponemon Institute publish their “Cost of a Data Breach Report” in which they assess the previous year’s data breaches. In the 2021 breach report, it was determined that 2020 healthcare data breaches cost organizations $2 million to $9.42 million per incident. The report further found that ransomware attacks cost an organization an average of $4.62 million per incident. With ransomware attacks accounting for more than half [...]

August 5th, 2021

500K Patients Affected by Healthcare Data Breach

Orlando Family Physicians announced that it suffered a healthcare data breach, potentially exposing the protected health information (PHI) of 447,426 patients. In a statement posted on their website, OFP cites the cause as a phishing email that allowed unauthorized access to the email accounts of four employees. What Happened? On April 15, 2021, OFP discovered that an unauthorized party gained access to an employee’s email account using the [...]

August 3rd, 2021

ePHI Security Emphasized in HHS Summer Newsletter

Although the HHS has long stressed the importance of ePHI security, with the influx of healthcare breaches, it is clear that many organizations have not heeded the warning. With an increase in breaches across all industries, cybersecurity has become the focus of many government agencies including the HHS. Earlier this month the HHS published its “Summer 2021 Cybersecurity Newsletter” further emphasizing the importance of information access [...]

July 30th, 2021

Is TigerText HIPAA Compliant?

TigerConnect is a communications platform that allows users to send secure messages, photos, videos, notes, and voice recordings through their TigerText service. TigerConnect specifically designed their product with healthcare workers in mind, allowing treating physicians to text patients information regarding their care, but is TigerText HIPAA compliant? Find out below. TigerText and HIPAA Compliant Security Features Assessing a software application’s security features [...]

July 28th, 2021

PHI Ransomware Attack Targets Law Firm

On July 16, 2021, the Campbell, Conroy & O’Neil law firm published a press release revealing that they had been targeted by a PHI ransomware attack in February 2021. Upon discovering the incident, Campbell contracted a third-party forensic firm to determine the nature and scope of the incident. The investigation determined that an unauthorized party had gained access to Campbell’s sensitive information, [...]

July 23rd, 2021

6 MSP HIPAA Compliance Tips

As an MSP with healthcare clients, it is important to understand how HIPAA applies to you and your clients. Your clients will rely on you, as their trusted advisor, to help them comply with HIPAA. To help you understand your HIPAA obligations, and how to carry them over to your clients, MSP HIPAA compliance tips are discussed below. MSP HIPAA Compliance Tips You [...]

July 21st, 2021

Is ProtonMail HIPAA Compliant?

ProtonMail is an email encryption service that is designed with businesses in mind, enabling users to send and receive secure emails. But when you work with protected health information, you must consider more than a software’s security; you must also look at whether or not it is HIPAA compliant. Is ProtonMail HIPAA compliant? Find out by reading below. ProtonMail HIPAA Compliant Email Encryption [...]

July 16th, 2021

1 Million Patients Affected by June 2021 Healthcare Breaches

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients on their online breach portal. Each month, we review those breaches to determine what the leading cause behind the previous month’s breaches is. June 2021 healthcare breaches affected 1,039,442 patients, and were predominantly the result of hacking incidents, representing 90.37% of patients affected by June’s breaches. [...]

July 14th, 2021

Is Zapier HIPAA Compliant?

Zapier is an automation tool that enables software applications to be integrated, allowing products that don’t normally communicate with each other to do so. Being able to integrate, say, your CRM with your email service provider allows you to work more efficiently. However, as an organization working in the healthcare field, you have to be careful when choosing which software to use, and how your organization uses the [...]

July 9th, 2021

EHR HIPAA Violations: Employee Impermissible Access Undetected for 12 Years

A former healthcare worker was discovered to have been improperly accessing patient files through an EHR platform for 12 years. Over this time period they accessed 7,000 patients’ files without the need to do so. More details on the EHR HIPAA violation are discussed below. Aultman Health Foundation in Ohio Insider Breach Aultman Health Foundation in Ohio, the organization where the healthcare worker [...]

July 6th, 2021