Cancer Patient’s Nude Photo Leak Cited in Data Breach Suit

A class-action lawsuit stemming from a February 2023 healthcare data breach in Pennsylvania further illustrates the need for an effective HIPAA compliance strategy, including data security and controls. The IT website The Register reported that medical records of at least two breast cancer patients containing above-the-waist nude photos were part of 75,000 patient records stolen by the BlackCat malware group. After Lehigh [...]

2023-03-23T15:16:38-04:00March 23rd, 2023|

Exposed: The Cerebral Health Breach

Wouldn’t you think a big company like Cerebral Health wouldn’t need help being HIPAA compliant? The telehealth startup specializing in mental health, says it inadvertently shared the sensitive information of over 3.1 million patients with Google, Meta, TikTok, and other third-party advertisers, as reported earlier by TechCrunch.  In a notice posted on the company's website, Cerebral admits to exposing a laundry list [...]

2023-03-17T15:40:18-04:00March 16th, 2023|

February 2023 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. Based on the current numbers, February [...]

2023-03-17T15:40:19-04:00March 14th, 2023|

January 2023 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. Based on the current numbers, January [...]

2023-02-17T16:27:35-05:00February 15th, 2023|

December 2022 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. Breaches dropped significantly in December 2022, [...]

2023-02-03T09:38:27-05:00January 30th, 2023|

Healthcare Remains Top Target in 2022 ITRC Breach Report

At least 344 organizations in the healthcare industry suffered data breaches in 2022, according to a just-released report from the Identity Theft Research Center® (ITRC). This is the third consecutive year that healthcare organizations led all industries in the number of data compromises noted in the ITRC report. Healthcare organizations represented 19 percent of the 1,802 breaches reported in the 2022 ITRC [...]

2023-01-27T13:22:00-05:00January 25th, 2023|

Breaches: You’re Not Invincible

On January 5th, wireless company T-Mobile discovered that hackers accessed data of about 37 million of its customers. Some of the data accessed included names, birth dates, emails, phone numbers and billing addresses, which in the healthcare industry, can be considered protected health information (PHI) when dealing with the treatment of a patient. Although T-Mobile doesn’t believe the systems were breached and [...]

2023-01-20T14:52:14-05:00January 20th, 2023|

November 2022 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. At least 6,904,441 records containing patients' [...]

2022-12-16T17:07:20-05:00December 12th, 2022|

October 2022 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. At least 6,242,589 records containing patients' [...]

2022-11-23T13:26:19-05:00November 23rd, 2022|

Cybersecurity Response Plans and CIRCIA

In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This new law will likely trigger changes to the cybersecurity response plans of many organizations. While there is not currently a standard to enforce, healthcare providers and the companies that provide support services to them will be affected by this new law.  CIRCIA Background [...]

2022-11-17T17:03:29-05:00November 14th, 2022|