26 04, 2019

NIST CSF and HIPAA Compliance: Health Care Providers at Risk

2019-04-26T15:40:44-04:00April 26th, 2019|

The sensitive health information maintained by health care organizations has grown to be a very attractive target for cyber attackers over the last few years. Health care organizations must ensure that they are addressing the full extent of their regulatory requirements when it comes to maintaining cybersecurity and HIPAA compliance. However, according to a recent study , many healthcare organizations are still not addressing their cybersecurity and HIPAA compliance [...]

24 04, 2019

New Random HIPAA Audits on the Horizon: CMS Compliance Review

2019-05-14T16:34:36-04:00April 24th, 2019|

HIPAA enforcement has been on the rise for the past few years, totaling over $70 million in fines since 2016 alone. And now, a new round of random HIPAA audits is on the horizon. Now, the Centers for Medicare & Medicaid Services (CMS) Division of National Standards, on behalf of the Department of Health and Human Services (HHS), is instituting a CMS Compliance Review Program of random HIPAA audits [...]

22 04, 2019

Data Breaches on the Rise

2019-04-24T17:21:18-04:00April 22nd, 2019|

The Breach Barometer Report by Protenus for 2019 has been published, analyzing healthcare data breaches in 2018. The report exposed a major increase in healthcare data breaches last year. Protenus used information gathered from Databreaches.net to conduct their investigation. The site tracks all data breaches reported to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) as well as breaches reported in the media. Although [...]

18 04, 2019

Toyota Data Breach Affects Millions

2019-05-01T15:01:07-04:00April 18th, 2019|

Recently, Toyota experienced a large-scale data breach affecting the personal information of many of its customers in the Asia-Pacific region private. There have been several Toyota data breaches across the region including in Australia, Thailand, Vietnam, and Japan. The largest of which was in Japan, which is thought to have affected 3.1 million customers. The cyber attack was widespread, occurring at eight separate locations across Tokyo. Although Toyota had [...]

17 04, 2019

All of Records Erased, Doctor’s Office Closes After Ransomware Attack

2019-04-17T17:35:49-04:00April 17th, 2019|

Brookside ENT & Hearing Services has permanently shut its doors after a devastating malware incident destroyed all of its electronic medical records. It is apparently the first U.S health care provider to close due to a ransomware attack, according to cybersecurity experts.  Four breaches of patient files have already been reported this year in Minnesota, where hackers are attacking hospitals and clinics in increasing numbers. However, previous attacks have [...]

15 04, 2019

Phishing Attack Exposes 23,811 Patients’ PHI

2019-04-15T14:50:51-04:00April 15th, 2019|

The threat from phishing attacks are growing faster than ever before. Healthcare organizations now need to implement the appropriate security measures in order to protect their patient’s information; otherwise you are susceptible to having a data breach-- and being fined thousands of dollars. Palmetto Health recently became a victim of a phishing scam after several emails were sent to their employees which contained a malicious hyperlink. When the link [...]

11 04, 2019

Is iMessage HIPAA Compliant?

2019-04-24T16:04:10-04:00April 11th, 2019|

  As technology continues to develop, there are becoming more ways to share patient data within your practice. iMessage is one example in particular that has been integrated into medical offices for internal communications between employees. While this is a faster way to facilitate conversation, the question becomes: is iMessage HIPAA compliant? Under the Health Insurance Portability and Accountability Act (HIPAA), there are national standards that health care organizations [...]

9 04, 2019

D.C. Attorney General Proposes Stricter Breach Notification Law

2019-04-24T16:02:28-04:00April 9th, 2019|

Washington D.C. Attorney General Karl A. Racine is pushing to strengthen the data breach notification laws for D.C. residents. If protected health information (PHI) is released without their knowledge, Attorney General Racine wants his residents notified more quickly and he wants to expand the circumstances when patients must be notified under the HIPAA breach notification rule. On March 21, 2019, A.G. Racine introduced the Security Breach Protection Amendment Act, [...]

4 04, 2019

$7.5 MM Class-Action Lawsuit Filed After UCLA Health Data Breach

2019-04-17T14:36:30-04:00April 4th, 2019|

Patients have filed suit against UCLA Health with a class-action settlement for $7.5 million after a data breach exposed their protected health information (PHI). UCLA first discovered suspicious activity on its network in October 2014 and turned to the FBI for help. During that time, it was determined that no medical records were compromised. Yet in May 2015, hackers broke through the system and gained access to patient PHI. [...]

3 04, 2019

Wearable HIPAA Security Concerns Grow for mHealth Apps & Devices

2019-04-03T13:56:26-04:00April 3rd, 2019|

Healthcare tech is moving more and more toward mHealth solutions for consumer use. Apple in particular has made major expansions into healthcare and mHealth technologies over the past few years. Many patients are using wearables such as the Apple Watch to monitor, track, and report health care data. But with this new field of mHealth, security issues abound and there are still many grey areas surrounding who is [...]