HIPAA Journal

JANUARY 6, 2023

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious actors gained access to its IT systems on September 16, 2022, and deployed ransomware on October 2, 2022.

Ransomware 94

Ransomware Fraud Electronic Medical Records Hospitals 94

HIPAA Journal

MARCH 7, 2023

DoppelPaymer ransomware first appeared in 2019. Since then, the ransomware has been used in dozens of attacks on critical infrastructure organizations and industries, and private companies. The ransomware is based on BitPaymer ransomware, which is part of the Dridex malware family.

Ransomware 84

Ransomware Fraud HIPAA Hospitals 84

HIPAA Journal

JULY 14, 2023

While this is certainly good news, ransomware-related cryptocurrency payments increased significantly in H1 2023, and if the trend continues in the second half of the year, ransomware revenues could eclipse those of 2022. million in payments were made following ransomware attacks. million from H1 2022, with at least $449.1

Ransomware 88

Ransomware Fraud HIPAA 88

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware 99

Ransomware HIPAA Fraud Licensing 99

Healthcare IT News - Telehealth

OCTOBER 28, 2020

"Mass adoption of this technology will lead to new cybercrime focus, with an emphasis on stealing patient data to enable fraud, target health data in ransomware attacks, trick patients in social engineering schemes, and target remote patient monitoring devices," wrote the report authors.

Ransomware 160

Ransomware Fraud Telemedicine COVID-19 160

HIPAA Journal

MARCH 3, 2023

AssistCare Home Health Services has agreed to settle a class action lawsuit, filed on behalf of individuals affected by a cyberattack and data breach in January 2021. Unauthorized individuals gained access to its network between January 8 and January 10, 2021, and exfiltrated files containing patient data.

Ransomware 91

Ransomware Fraud HIPAA 91

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 68

Ransomware Fraud HIPAA Licensing 68

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware 95

Ransomware Fraud Licensing Health Insurance 95

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance 118

Health Insurance Licensing Ransomware Fraud 118

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 109

Fraud Health Insurance Ransomware HIPAA 109

Compliancy Group

DECEMBER 20, 2024

The settlement is the third ransomware settlement entered into by OCR. On October 31, 2017, OCR initiated a compliance review of HVHS after the media reported that HVHS had experienced a ransomware attack. OCR imposed the ransomware civil monetary penalty for potential HIPAA Security Rule violations.

Ransomware 52

Ransomware HIPAA Fraud Electronic Medical Records 52

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 111

HIPAA Ransomware Malpractice Health Insurance 111

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA 96

HIPAA Ransomware Health Insurance Fraud 96

HIPAA Journal

MARCH 1, 2023

The Albuquerque, NM-based health insurance provider, True Health New Mexico, has proposed a settlement to resolve claims related to a 2021 data breach that affected 62,983 members of its health plans. True Health New Mexico proposed the settlement to resolve claims related to these lawsuits with no admission of wrongdoing.

Fraud 108

Fraud Ransomware Health Insurance HIPAA 108

Compliancy Group

MAY 27, 2022

The law firm BakerHostetler published its annual Data Security Incident Response Report based on findings from 1,270 data security incidents managed by the firm in 2021. . 35% of healthcare breaches involved ransomware attacks, vs. 20% in 2020. 82% of ransomware attacks claimed to have removed data before encryption.

HIPAA 98

HIPAA Ransomware Hospitals Compliance 98

HIPAA Journal

JANUARY 24, 2023

million records in 2021 to 51.9 The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. million records in 2021 due to a ransomware attack. million records in 2022.

HIPAA 122

HIPAA Ransomware Hospitals Fraud 122

HIPAA Journal

JULY 6, 2023

UKG (Ultimate Kronos Group), a multinational provider of workforce management and human resources (HR) management services, has proposed a $6 million settlement to resolve claims related to a ransomware attack and data breach that was discovered in 2021. Members of two subclasses are entitled to additional payments.

Ransomware 82

Ransomware COVID-19 Fraud HIPAA 82

HIPAA Journal

MARCH 24, 2022

The brief identified the top five threats against EHR as phishing attacks, malware and ransomware, encryption blind spots, cloud threats, and the misuse of credentials by employees. It also reported that the most common cause of healthcare data breaches in 2021 was compromised credentials.

HIPAA 123

HIPAA Ransomware Fraud 123

HIPAA Journal

MARCH 8, 2023

Ransomware gangs in particular have seen profits take a nosedive, with ransom payments decreasing by 38% year-over-year as victims refuse to pay up, even when there is the threat of publication of stolen data. The number of critical vulnerabilities reported in 2022 doubled from 2021, due to the rapidly evolving attack surface.

Ransomware 89

Ransomware Fraud HIPAA 89

HIT Consultant

MAY 9, 2023

As a result, patients feared an increased risk of fraud. While it was not publicized how the attacker gained initial access to the company’s network, plaintiffs argued that it was the DCA’s poor cybersecurity practices that exposed them to the risk of identity theft and fraud. million Ransomware : 3.85 percent, cost: $73.6

Ransomware 95

Ransomware Fraud Health Insurance HIPAA 95

HIPAA Journal

FEBRUARY 1, 2023

While it was common for ransomware attacks to be reported as such, these are increasingly reported as hacking incidents with no mention of file encryption or data theft. This is a worrying trend. The reason for the sudden decline in transparency is unclear, although there are several theories.

Fraud 123

Fraud HIPAA Ransomware Compliance 123

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 77

Fraud Health Insurance Ransomware HIPAA 77

HIPAA Journal

DECEMBER 23, 2022

OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Affected providers started to be notified in March that hackers had gained access to its databases in December 2021. Million Records.

HIPAA 92

HIPAA Ransomware Health Insurance Compliance 92

HIPAA Journal

MAY 18, 2023

2023 New York Heidell, Pittoni, Murphy & Bach LLP $200,000 61,438 Ransomware attack and data breach Violation of 17 provisions of the HIPAA Privacy and Security Rules 2023 Pennsylvania DNA Diagnostics Center $200,000 33,000 Stolen database containing 2.1 2023 Ohio DNA Diagnostics Center $200,000 12,600 Stolen database containing 2.1

HIPAA 102

HIPAA Compliance Ransomware Hospitals 102

Healthcare IT News - Telehealth

FEBRUARY 10, 2021

" "2021 will show that digital health from the patient and clinician perspective is so much more than video visits and remote patient monitoring." "2021 will show that digital health from the patient and clinician perspective is so much more than video visits and remote patient monitoring.

COVID-19 217

COVID-19 Hospitals Nurses Healthcare information Technology 217

Compliancy Group

MARCH 30, 2023

According to the report, there were 847,376 complaints of suspected internet crime in 2021, representing a 7% increase compared to the previous year. In 2022 there were a total of 800,944 complaints, which shows a 5% decrease from 2021, but the potential total loss has increased from $6.9 billion to more than $10.2

Ransomware 52

Ransomware Fraud HIPAA Compliance 52

HIPAA Journal

MAY 18, 2023

Larger healthcare providers may temporarily divert ambulances and cancel some appointments following a ransomware attack but do not typically halt operations, but smaller healthcare providers may be left with little alternative.

Ransomware 77

Ransomware Fraud HIPAA Health Insurance 77

HIPAA Journal

SEPTEMBER 28, 2022

Wolfe Clinic used the myCare Integrity medical records platform, which was accessed by an unauthorized party on or around December 4, 2021, who deleted databases and system configuration files. The Hive ransomware gang claimed responsibility for the attack. million patients.

Electronic Medical Records 79

Electronic Medical Records Ransomware Fraud HIPAA 79

Compliancy Group

FEBRUARY 17, 2022

According to a notice updated on the firm’s website on January 17, 2022, there was unusual activity detected on the company network on September 14, 2021. On October 13, 2021, preliminary findings revealed that hackers accessed and potentially copied information in network folders between September 9-14, 2021. We can help!

HIPAA 52

HIPAA Compliance Ransomware Fraud 52

MedTrainer

JULY 21, 2022

However, unauthorized access is causing more than just identity fraud. In January of 2018, Hancock Health of Indiana experienced a serious ransomware attack that forced their entire network to shut down. Since 2020, approximately 113 million people have been impacted by healthcare data breaches.

US Department of Health and Human Services 52

US Department of Health and Human Services HIPAA COVID-19 Compliance Officers 52

HIPAA Journal

FEBRUARY 9, 2023

In 2022, 22% of the data breaches investigated by Kroll occurred at healthcare organizations, up from 16% in 2021 – a year-over-year increase of 38%. These lawsuits allege victims face an imminent and increased risk of identity theft and fraud as a result of the theft of their personal and protected health information.

Fraud 52

Fraud Ransomware HIPAA Licensing 52

Healthcare Law Blog

JULY 5, 2022

As always, with technology comes data, and experts weighed in on issues like data use, licensing, aggregation, new rules on information blocking, ransomware attacks/cyber insurance, and preparing for disasters, whether natural or human-made. Regulatory and Enforcement Environment. Antitrust and Labor Relations.

Fraud 52

Fraud Governance Ransomware Licensing 52

Hall Render

MAY 20, 2022

UAMS Study Found Large Segment of Arkansans Still Susceptible to COVID-19 in Late 2020, 2021. These were Idaho’s five leading causes of death in 2021. hospital revenue jumped 9% in fiscal 2021, says report. hospital revenue jumped 9% in fiscal 2021, says report. Medicare fraud. Arkansas Gets $3.9M MASSACHUSETTS.

COVID-19 40

COVID-19 Nursing Homes Nurses Hospitals 40

HIPAA Journal

NOVEMBER 8, 2024

Planned Parenthood of Montana has shared further information on the RansomHub ransomware attack that was first announced in early September. When the security breach was announced, the investigation was still in the early stages, and it was unclear if the ransomware group had stolen any patient data. Mountain Time.

Ransomware 91

Ransomware Fraud HIPAA Health Insurance 91

Hall Render

MAY 13, 2022

Prism pays $650K to settle Medi-Cal fraud claims filed in San Diego. Vendor’s Ransomware Attack Is Latest Supply Chain Warning. UChicago Medicine invests $607 million in community benefits for South Side and Southland regions in fiscal 2021. Covid-19 continues climbing in state. Oscar Health To Exit Colorado, Arkansas.

COVID-19 40

COVID-19 Nurses Nursing Homes Hospitals 40

HIPAA Journal

OCTOBER 14, 2022

2021 saw 714 data breaches of 500 or more records reported to the OCR – an 11% increase from the previous year. Many of the hacking incidents now being reported by healthcare providers involve the use of ransomware. Almost three-quarters of those breaches were classified as hacking/IT incidents.

Ransomware 121

Ransomware HIPAA Health Insurance Hospitals 121

HIPAA Journal

OCTOBER 6, 2022

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role in ransomware attacks on entities in the United States. A law enforcement investigation into the ransomware attacks conducted by Vachon-Desjardins on U.S. years in jail for a separate drug trafficking case.

Ransomware 113

Ransomware Fraud COVID-19 HIPAA 113