Report: Facebook Tracker Collecting Hospital Patient PHI

Use of Tracker by Hospitals Likely Violates HIPAA An investigation by The Markup and Stat has uncovered a tracking tool used by 33 of the country’s top 100 hospitals that collects patients’ protected health information (PHI) and sends it to Facebook—including details about medical conditions, prescriptions, and physician appointments. Experts contacted in the article, including a former head [...]

2022-06-17T14:47:46-04:00June 17th, 2022|

What Happens After a HIPAA Complaint is Filed?

Even when you do the best you can to comply with HIPAA regulations, violations and breaches may occur. Clients or patients may report what they think are violations, even when they’re not. What happens after a HIPAA complaint is filed? What rights do you have as a covered entity or business associate? And what is the worst-case scenario? Common Violation Examples – [...]

2022-05-06T17:03:27-04:00April 25th, 2022|

The Crime and the Time for HIPAA Criminal Penalties

Three people in Louisiana recently pled guilty to federal bank larceny charges following an identity theft scheme that resulted from the unauthorized release of protected health information (PHI) by an employee at a medical clinic. We all have heard about the fines assessed against covered entities and business associates who have violated HIPAA standards and been caught. Many may not realize that [...]

2022-05-06T17:03:30-04:00March 30th, 2022|

Dental Trio & Psych Practice Hit with Access, Privacy Fines

Following a winter of hibernation, the Department of Health and Human Services (HHS) regulators roared to life with the announcement of three settlements and one fine totaling more than $172,000 for violations of HIPAA’s Patient Right of Access and Privacy Rules. Each HIPAA dental fine, as well as the behavioral health fine, were issued for varying degrees of noncompliance. Monetary Penalties Assessed [...]

2022-05-23T13:51:26-04:00March 28th, 2022|

NY AG SHIELD UP! Vision Benefits Provider Settles Email Data Breach

In January of 2022, EyeMed Vision Care LLC, a New York vision benefits provider, settled an action brought by the New York State Attorney General against it for failing to implement adequate data security measures, including multifactor authentication, password management, and logging of email accounts.  These deficiencies resulted in a 2020 email data breach during which hackers accessed an EyeCare email account [...]

2022-05-06T17:03:39-04:00January 26th, 2022|

What’s the Civil Penalty for Unknowingly Violating HIPAA?

When a covered entity or business associate makes the HIPAA Wall of Shame for a significant breach or violation, it often results in huge fines. In some cases, the breaches and resulting fines resulted from organizations knowingly violating HIPAA regulations and just hoping they wouldn’t get caught. However, many violations and fines occur because people thought they were doing enough to be compliant. Do the regulators [...]

2022-05-06T17:03:40-04:00January 24th, 2022|

Causes and Effects of HIPAA Violations in the Dental Field

Building and maintaining a thriving dental practice is not a simple task. Between keeping your staff at peak efficiency, managing vendors, marketing your services, treating patients, and everything else in your day, it’s easy to overlook something like HIPAA compliance. Unfortunately, HIPAA violations in the dental field can create severe issues for your practice. Who Defines HIPAA Violations in the Dental Field [...]

2022-05-06T17:03:40-04:00January 21st, 2022|

Quest Diagnostics Subsidiary Hit with Data Breach Lawsuit

Quest Diagnostics subsidiary, ReproSource Fertility Diagnostics has been sued by a patient over alleged security deficiencies. The Quest data breach lawsuit was filed one month after the October 8, 2021 announcement of a ransomware attack that potentially exposed the protected health information (PHI) of 350,000 individuals. Details of the Quest Data Breach Lawsuit According to the notification provided by ReproSource, the company’s [...]

2022-05-06T17:03:43-04:00December 31st, 2021|

Canada Nabs Suspect in Alaska HIPAA Breach

Ontario Provincial Police (OPP) in Canada have arrested a man believed to be responsible for an Alaska HIPAA breach in April 2018 that resulted in the possible exposure of approximately 700,000 individuals' protected health information. Following a 23-month investigation, Matthew Philbert, 31, was arrested on November 30, 2020, and charged with fraud, unauthorized use of a computer, and "possession of device to [...]

2022-05-06T17:03:44-04:00December 27th, 2021|

Hackensack Cancer Center Settles HIPAA Violations With New Jersey Attorney General

In December of 2021, the New Jersey Attorney General’s Division of Consumer Affairs, Office of Consumer Protection, settled a HIPAA enforcement action that it brought against Regional Cancer Care Associates (RCCA). RCCA is based in Hackensack, New Jersey, and has over 30 locations throughout New Jersey, Connecticut, Maryland, and the Washington DC area. RCCA treats cancer patients as well as patients with blood disorders. RCCA fell victim to [...]

2022-05-06T17:03:44-04:00December 23rd, 2021|