A hacker extracted the protected health information (PHI) of 535,489 patients from Texas ENT Specialists in August 2021. Although the Texas ENT breach occurred in August, it was not listed on the Office for Civil Rights portal until December 2021. Details of Texas ENT Breach Officials at Texas ENT Specialists first learned of the incident on October 19, 2021. The investigation revealed [...]
Quest Diagnostics subsidiary, ReproSource Fertility Diagnostics has been sued by a patient over alleged security deficiencies. The Quest data breach lawsuit was filed one month after the October 8, 2021 announcement of a ransomware attack that potentially exposed the protected health information (PHI) of 350,000 individuals. Details of the Quest Data Breach Lawsuit According to the notification provided by ReproSource, the company’s [...]
A cybersecurity flaw responsible for widespread disruptions of applications and web services has the potential to adversely affect medical device security around the world. How the Log4j Hacks Threaten Medical Device Security Hackers found a vulnerability in the open-source Apache logging library Log4j that gives them the ability to take control of a machine very quickly and easily. The Log4Shell hack requires [...]
What will HIPAA 2022 bring? Picture the end of 2020. A raging COVID pandemic, for which vaccinations had only started. An outgoing Presidential administration giving the reins to a new one. And, in the middle of all of this, some seeds planted by the federal government seemed bound to blossom into changes in HIPAA law and regulations. At the end of 2020, [...]
The 2021 cost of healthcare data breaches soared to an average of $9.3 million per occurrence, according to a report released by IBM Security – a 29.5 percent increase over 2020’s average of $7.13 million. The average percentage increase of healthcare data breaches was nearly three times higher and nearly twice as costly as the global industry average. The report found that the average cost of a data [...]
Ontario Provincial Police (OPP) in Canada have arrested a man believed to be responsible for an Alaska HIPAA breach in April 2018 that resulted in the possible exposure of approximately 700,000 individuals' protected health information. Following a 23-month investigation, Matthew Philbert, 31, was arrested on November 30, 2020, and charged with fraud, unauthorized use of a computer, and "possession of device to [...]
As the year rolls on, cybercriminals continue to pillage data from hospitals and practices through their EHR platforms. In one such EHR security breach, Southern Ohio Medical Center in Portsmouth, Ohio announced that it fell victim to a cyberattack in a post on Facebook. An unauthorized third-party gained access to its computer servers, initially causing diversion of ambulances and cancelation of appointments. [...]
In December of 2021, the New Jersey Attorney General’s Division of Consumer Affairs, Office of Consumer Protection, settled a HIPAA enforcement action that it brought against Regional Cancer Care Associates (RCCA). RCCA is based in Hackensack, New Jersey, and has over 30 locations throughout New Jersey, Connecticut, Maryland, and the Washington DC area. RCCA treats cancer patients as well as patients with blood disorders. RCCA fell victim to [...]
A nonprofit organization in Washington state, Sound Generations, reported a pair of data breaches potentially impacting 103,576 clients to the Office for Civil Rights (OCR) data breach portal on December 8, 2021. Details regarding the Sound Generations breach are discussed in detail below. Details of the Sound Generations Breach Sound Generations offers transportation, food security, and health and wellness services to seniors [...]
In November of 2021, the New Jersey State Attorney General’s (AG) Office, Division of Consumer Affairs, settled 2 HIPAA claims, one HIPAA claim against Command Marketing Innovations (CMI), and another HIPAA claim against CMI’s business associate, Strategic Content Imaging, LLC (SCI). This $130,000 resolution settled each company’s potential HIPAA Security Rule and Privacy Rule violations. The printing companies were drummed into New Jersey court for having [...]
Upcoming Webinar: Lessons from 2021's HIPAA breaches & fines
