Illinois Medical Marijuana HIPAA Compliance Required

The deadline for Illinois Medical Marijuana dispensaries to become HIPAA compliant was December 1, 2021. As of this date, Illinois medical marijuana HIPAA compliance is required for all dispensaries in the state that provide marijuana products to patients. This includes completion of a security risk assessment and encryption of electronic devices and networks that contain the protected health information (PHI) of patients. [...]

2022-05-06T17:03:46-04:00December 14th, 2021|

Planned Parenthood Class Action Lawsuit Filed Following Data Breach

Planned Parenthood Los Angeles faces a class-action lawsuit in the wake of an October cyberattack that potentially exposed the protected health information (PHI) of 409,759 patients. The Planned Parenthood class-action lawsuit is discussed in detail below Planned Parenthood Class-Action Lawsuit – Details of Lawsuit Filed on December 9, 2021, by an unnamed patient, the lawsuit alleges that the patient and class members [...]

2022-05-06T17:03:47-04:00December 10th, 2021|

$130K State HIPAA Settlement Announced

Two printing companies settled with New Jersey over an incident that exposed protected medical and client information. Under the state HIPAA settlement, Command Marketing Innovations, LLC (CMI) and Strategic Content Imaging, LLC (SCI) agreed to pay a $130,000 fine and implement more robust security policies. Why Were They Fined? The incident that led up to the state HIPAA settlement occurred when the [...]

2022-05-06T17:03:50-04:00November 12th, 2021|

Health Data Breach Lawsuit Filed Under CCPA

In July 2021, UC San Diego Health notified the public that it had been the victim of a four-month long phishing attack that gave hackers access to the protected health information of 495,949 patients. As a result, a health data breach lawsuit was filed alleging a violation of California Consumer Privacy Act, negligence, and breach of contract. The lawsuit seeks class-action status. [...]

2022-05-06T14:43:57-04:00September 30th, 2021|

Einstein Healthcare Class Action Lawsuit Alleges PHI Breach

Recently, a healthcare class action lawsuit was filed against Einstein Healthcare. The lead plaintiff in the healthcare lawsuit is patient Nanette Katz. In August of 2020, Einstein was the victim of a phishing attack that led to numerous employee email accounts being accessed by someone without authorization.  The 51-page complaint alleges Einstein Healthcare failed to secure and safeguard the protected health information (PHI) of patients, and failed to [...]

2021-05-04T13:39:21-04:00May 3rd, 2021|

AMCA Settles 2019 PHI Breach With 41 State Attorneys General

In 2019, the American Medical Collection Agency discovered that it was the victim of a data breach. Not just any data breach, though; the breach was the largest healthcare breach reported in 2019. AMCA, which operates in multiple states, informed states of the breach in June of 2019. A subsequent investigation led by the Attorneys General of Indiana, Texas, Connecticut and New York, led to a multistate lawsuit [...]

2022-05-06T14:44:04-04:00March 15th, 2021|

Virginia Consumer Data Protection Act Expected to Become Law

The Virginia House of Delegates and Senate have passed legislation known as the Virginia Consumer Data Protection Act (CDPA). The personal data act is expected to reach the desk of Virginia Governor Ralph Northam, who may sign the legislation by as early as the end of February of 2021. The CDPA is modeled on the California Consumer Privacy Act (CCPA), California’s expansive consumer data privacy protection law, and [...]

2021-03-08T11:16:07-05:00February 19th, 2021|

21st Century Oncology Settles HIPAA Data Breach Lawsuit

In late 2015, a cyberattacker accessed 21st Century Oncology’s (21CO) network database. As a result, 21CO was investigated by the Department of Health and Human Services’ (HHS) Office for Civil Rights. 21CO settled with HHS, however, a class action lawsuit was then filed against them. Details on the settlement and the HIPAA data breach lawsuit are discussed below. 21st Century Oncology and OCR Settlement [...]

2022-09-15T12:09:04-04:00February 18th, 2021|

Blackbaud Breach Victim Files Lawsuit Under California Healthcare Law

The Blackbaud breach is infamous for the sheer amount of organizations the incident affected. Among hundreds of affected organizations were several in the healthcare industry, compromising the protected health information of more than 11 million patients across the country. One such victim has filed a lawsuit against Rady Children’s Hospital, one of the breached organizations, under California healthcare law. More details on the lawsuit are discussed. [...]

2022-05-06T14:44:09-04:00January 27th, 2021|

Mayo Clinic Breach Leads to Healthcare Class Action Lawsuits

Back in August, Mayo Clinic announced that one of their former employees inappropriately accessed the medical records of 1,600 patients. This insider breach led several affected patients to file class action lawsuits against Mayo. The details of the breach and healthcare class action lawsuits are discussed below. Mayo Clinic Insider Breach On August 5, Mayo Clinic discovered that a former employee accessed patient files without authorization. The employee [...]

2022-05-06T14:44:14-04:00December 4th, 2020|