New Jersey State Attorney General Settles HIPAA Claims Against Printing Companies

In November of 2021, the New Jersey State Attorney General’s (AG) Office, Division of Consumer Affairs, settled 2 HIPAA claims, one HIPAA claim against Command Marketing Innovations (CMI), and another HIPAA claim against CMI’s business associate, Strategic Content Imaging, LLC (SCI). This $130,000 resolution settled each company’s potential HIPAA Security Rule and Privacy Rule violations. The printing companies were drummed into New Jersey court for having [...]

2023-04-06T14:00:34-04:00December 21st, 2021|

UKG Ransomware Attack Hits Healthcare Businesses Worldwide

Healthcare providers including NYU Langone University Hospital Long Island in New York and others around the world are reeling today in the wake of a reported ransomware attack on human resources services giant UKG. The breach affects services on the Kronos Private Cloud including UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. It is unknown if electronic protected health information [...]

2023-04-06T14:00:37-04:00December 13th, 2021|

Healthcare Ransomware Attack Affects 1.5 Million

An Indiana hospital recently announced that it suffered a healthcare ransomware attack that potentially affected 1.5 million patients. Eskenazi Health began notifying affected individuals on Nov 11, 2021 of the incident after concluding their investigation. What Do We Know About the Healthcare Ransomware Attack? According to a press release published by Eskenazi Health, their security team became aware of suspicious activity on [...]

2023-04-06T14:00:43-04:00November 22nd, 2021|

2.8 Million Patients Affected by 2021 October Healthcare Breaches

October was Cybersecurity Awareness Month, but that didn’t stop healthcare breaches from surging with 2,817,162 patients affected by breaches last month. The vast majority of 2021 October healthcare breaches were hacking incidents targeting healthcare providers. There were a total of 49 healthcare breaches listed on the OCR breach portal in October: Type of entity breached 37 healthcare providers reported incidents (2,261,319 patients, 80.27% of total patients affected) 6 [...]

2023-04-10T11:18:36-04:00November 9th, 2021|

Improper Disposal of Medical Records Leads to Breach

HealthReach Community Health Centers announced that a breach occurred as the result of improper disposal of medical records. More details are discussed below. How Did the Breach Occur? HealthReach Community Health Centers released a statement regarding a breach that occurred due to the improper disposal of medical records. The healthcare provider contracted a third-party data destruction company (considered a business associate under [...]

2023-04-06T14:00:53-04:00September 23rd, 2021|

5.1 Million Patients Affected August 2021 Healthcare Breaches

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients to their online breach portal, known as the “HIPAA Wall of Shame.” In August 2021, there were 38 breaches posted on the portal, affecting 5,120,289 patients. August 2021 healthcare breaches predominantly consisted of hacking incidents affecting healthcare providers, with 4,656,453 patients affected by hacking incidents [...]

2023-04-06T14:00:55-04:00September 14th, 2021|

4.8 Million Patients Affected by 2021 July Healthcare Breaches

There were a staggering 4,774,165 patients affected by July’s 58 healthcare information breaches. The majority of these breaches were reported by healthcare providers, representing 65% of the total number of breaches for the month, and 71% of the total number of patients affected. And while it’s unsurprising, hacking incidents were the leading cause behind the month’s breaches, representing 72% of reported breaches, and 96% of patients affected by [...]

2023-04-06T14:01:02-04:00August 11th, 2021|

Average Cost of Healthcare Data Breach $4.62 Million

Each year, IBM Security and Ponemon Institute publish their “Cost of a Data Breach Report” in which they assess the previous year’s data breaches. In the 2021 breach report, it was determined that 2020 healthcare data breaches cost organizations $2 million to $9.42 million per incident. Furthering that ransomware attacks cost an organization an average of $4.62 million per incident. With ransomware attacks accounting for more than half [...]

2023-04-06T14:01:02-04:00August 5th, 2021|

PHI Ransomware Attack Targets Law Firm

On July 16, 2021, the Campbell, Conroy & O’Neil law firm published a press release revealing that they had been targeted by a PHI ransomware attack in February 2021.  Upon discovering the incident, Campbell contracted a third-party forensic firm to determine the nature and scope of the incident. The investigation determined that an unauthorized party had gained access to Campbell’s sensitive information, [...]

2023-04-06T14:01:05-04:00July 23rd, 2021|

1 Million Patients Affected by June 2021 Healthcare Breaches

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients on their online breach portal. Each month, we review those breaches to determine what the leading cause behind the previous month’s breaches are. June 2021 healthcare breaches affected 1,039,442 patients, and were predominantly the result of hacking incidents, representing 90.37% of patients affected by June’s breaches. [...]

2023-04-06T14:01:07-04:00July 14th, 2021|