HIPAA Journal

OCTOBER 26, 2022

The American Civil Liberties Union of Rhode Island (ACLU of RI) is taking legal action against the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare New England (UHC) over an August 2021 data breach that affected more than 22,000 individuals.

HIPAA 118

HIPAA Fraud Health Insurance 118

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance 117

Health Insurance Ransomware HIPAA Licensing 117

HIPAA Journal

MARCH 11, 2022

Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data breaches, with more than 50 million healthcare records exposed or compromised in 2021. There were 111 insider incidents in 2021, similar to the 110 incidents in 2019, which is a 26% decrease from 2020.

HIPAA 117

HIPAA Ransomware Health Insurance 117

HIPAA Journal

DECEMBER 24, 2022

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. In addition to financial penalties, covered entities are required to adopt a corrective action plan to bring policies and procedures up to the standards demanded by HIPAA. .

HIPAA 128

HIPAA Compliance Hospitals COVID-19 128

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 112

HIPAA Ransomware Malpractice Health Insurance 112

HIPAA Journal

FEBRUARY 24, 2022

Two HIPAA-regulated entities have recently started notifying individuals whose protected health information was potentially compromised in cyberattacks that occurred more than 12 months ago, including one where it took 18 months to notify affected individuals that their protected health information had been accessed and potentially acquired.

HIPAA 116

HIPAA Ransomware Health Insurance 116

HIPAA Journal

MARCH 15, 2023

The United States Department of Justice has agreed to settle alleged False Claims Act violations with Jelly Bean Communications Design LLC and manager Jeremy Spinks related to the failure to protect HIPAA-covered data. FHKC is a state-created entity that offers health and dental insurance to children in Florida between the ages of 5 and 18.

Health Insurance 84

Health Insurance HIPAA Fraud Due Diligence 84

HIPAA Journal

DECEMBER 31, 2022

To best answer the question what is a HIPAA violation, it is necessary to explain what HIPAA is, who it applies to, and what constitutes a violation; for although most people believe they know what a HIPAA compliance violation is, evidence suggests otherwise. What is HIPAA and Who Does It Apply To?

HIPAA 135

HIPAA Due Diligence Compliance Fraud 135

HIPAA Journal

MARCH 24, 2022

Chelan Douglas Health District in East Wenatchee, WA, has announced it was the victim of a cyberattack in July 2021 in which the personal and protected health information of patients was exfiltrated from its systems. A representative for the health district said this was not a ransomware attack.

Ransomware 133

Ransomware Fraud Hospitals HIPAA 133

HIPAA Journal

FEBRUARY 28, 2023

Department of Health and Human Services (HHS) has restructured its Office for Civil Rights (OCR) and has created new divisions that will help improve the enforcement of HIPAA and civil rights laws and clear the current backlog of complaints and investigations. Approximately 80% of all reported data breaches are due to hacking.

HIPAA 106

HIPAA Health Insurance Compliance 106

HIPAA Journal

MARCH 2, 2022

The Health Insurance Accountability and Portability Act (HIPAA) introduced multiple HIPAA rights. Unfortunately, the failure to comply with Privacy Rule HIPAA rights is one of the leading reasons for complaints to the HHS Office for Civil Rights. Rights under the Privacy Rule.

HIPAA 95

HIPAA Health Insurance Public Health Compliance 95

Healthcare IT Today

SEPTEMBER 28, 2023

The following is a guest article by Bill Young, Director of Healthcare & Life Sciences at SYSTRAN Keeping patient data confidential and secure remains a major healthcare challenge today, more than 25 years after the introduction of the 1996 Health Insurance Portability & Accountability Act or HIPAA.

HIPAA 119

HIPAA US Department of Health and Human Services Governance Health Insurance 119

Compliancy Group

MAY 27, 2022

Almost as surely as summer follows spring, lawsuits follow breaches of protected health information. Here’s a roundup of recent HIPAA breach lawsuits and settlements. Lawsuits Increasing Following HIPAA Breaches – Facts and Figures. Let’s Simplify Compliance HIPAA and cybersecurity go hand-in-hand.

HIPAA 98

HIPAA Ransomware Compliance Hospitals 98

HIPAA Journal

JUNE 28, 2022

The HHS’ Office for Civil Rights (OCR) Breach Portal includes breaches of the personally identifiable protected health information (PHI), such as unauthorized access and disclosures, exposures, and the loss and theft of PHI. OCR is the main enforcer of compliance with the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 96

HIPAA Compliance Health Insurance Governance 96

HIPAA Journal

AUGUST 28, 2023

The latest settlement agreement relates to a complaint made against UHIC by a customer who had requested a copy of their PHI in January 2021. The agency initiated an investigation in April 2021, but it was not until July that the customer received the PHI they had requested six months earlier.

HIPAA 76

HIPAA Health Insurance Compliance 76

HIPAA Journal

NOVEMBER 8, 2022

Suspicious activity was detected within its network on May 12, 2021, with the forensic investigation confirming unauthorized individuals had access to its network for a month between April 20, 2021, and May 17, 2021. During that time, the attackers may have viewed or acquired sensitive patient data. The post U.S.

Licensing 71

Licensing Health Insurance HIPAA 71

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA 93

HIPAA Ransomware Health Insurance Compliance 93

Compliancy Group

AUGUST 24, 2023

They’ve reached a settlement with UnitedHealthcare Insurance Company (“UHIC”), one of the largest health insurers in the country, regarding a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access provision.

HIPAA 52

HIPAA Health Insurance Compliance 52

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. Los Angeles County Department of Mental Health, California. La Casa de Salud, New York.

HIPAA 102

HIPAA Health Insurance Licensing Hospitals 102

HIPAA Journal

MARCH 29, 2022

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its first financial penalties of 2022 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA). Dental Practitioner Fined $30,000 for Noncompliance with the HIPAA Right of Access.

HIPAA 126

HIPAA Compliance Health Insurance 126

HIPAA Journal

JANUARY 31, 2023

Affected individuals were notified about the cyberattack in August 2021 and were offered complimentary credit monitoring and identity theft protection services. The post San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit appeared first on HIPAA Journal. A lawsuit – Lopez, et al.

Ransomware 63

Ransomware Fraud Health Insurance HIPAA 63

HIPAA Journal

JUNE 22, 2022

A review of the affected files confirmed they contained information such as names, dates of birth, medical assessment and medication information, health insurance information, and Social Security numbers. The breach was detected on December 27, 2021, and it was determined on January 7, 2022, that patient data had been compromised.

HIPAA 90

HIPAA Health Insurance 90

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules.

HIPAA 110

HIPAA Compliance Hospitals Medicare 110

HIPAA Journal

NOVEMBER 16, 2022

Unauthorized individuals have gained access to the email system of the Administrative Fund of the Detectives’ Endowment Association of the Police Department of the City of New York (NYCDEA) and potentially viewed or obtained the protected health information of 21,544 individuals.

HIPAA 98

HIPAA Licensing Health Insurance Fraud 98

HIPAA Journal

MAY 11, 2023

million settlement to resolve a class action lawsuit filed in response to a 2021 hacking incident in which the protected health information of 318,379 patients was compromised. Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal. The post SuperCare Proposes $2.25

HIPAA 97

HIPAA Health Insurance Licensing Hospitals 97

HIPAA Journal

MAY 2, 2024

BioPlus Specialty Pharmacy Services has proposed a settlement to resolve a class action lawsuit that was filed in response to a 2021 data breach that exposed the data of up to 350,000 patients. The post BioPlus Specialty Pharmacy Services Proposes Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal.

Fraud 109

Fraud HIPAA Health Insurance Compliance 109

Compliancy Group

APRIL 1, 2022

An HHS study released in December 2021 showed 2020 telehealth usage for Medicare patients increased 63-fold over 2019 (840,000 to 52.7 Regardless of the method used, communications such as cloud-based VoIP, telehealth, texting, and email in healthcare must comply fully with HIPAA rules and regulations. . Compliancy Group can help!

HIPAA 52

HIPAA Compliance Health Insurance Doctors 52

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. According to the hospital operator, Tower Health, the unauthorized access was discovered during a routine audit of medical record access logs. Some of the accessed records included partial Social Security numbers and health insurance information.

Hospitals 108

Hospitals HIPAA Health Insurance Licensing 108

HIPAA Journal

FEBRUARY 23, 2022

Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file server that housed patient information in “a highly sophisticated criminal attack.”. NHS Management Alerts Patients About May 2021 Cyberattack.

Electronic Medical Records 140

Electronic Medical Records HIPAA Health Insurance Medical Billing 140

HIPAA Journal

FEBRUARY 15, 2022

Chicago’s South Shore Hospital has started notifying 115,670 current and former patients about a December 2021 cyberattack on its network. Suspicious activity was identified on its network on December 10, 2021, and prompt action was taken to contain the incident.

Hospitals 126

Hospitals Health Insurance HIPAA Medicaid 126

HIPAA Journal

MARCH 11, 2022

Legal action is being taken against Logan Health and subsidiary, sister, and related entities of Logan Health over a data breach that occurred in 2021 and affected 213,543 Logan Health Medical Center patients. The lawsuit points out that data breach was one of several to have affected Logan Health.

HIPAA 122

HIPAA Health Insurance Medical Billing Fraud 122

Health Care Law Brief

JUNE 24, 2022

The Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), recently issued new regulatory guidance relating to covered entities’ HIPAA-compliant use of remote communication technologies for audio-only telehealth services. The new HIPAA guidance affects covered entities in four key ways.

HIPAA 52

HIPAA Fraud Compliance COVID-19 52

HIPAA Journal

APRIL 6, 2023

The researchers used an open-source tool called WebXray to identify third-party tracking code and recorded data requests on the hospital websites over a 3-day period in 2021. The third parties receiving the information are typically not HIPAA-regulated entities, which means uses and disclosures of the transferred data are largely unregulated.

Hospitals 121

Hospitals HIPAA Health Insurance Compliance 121

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance 119

Health Insurance Licensing Ransomware Fraud 119

HIPAA Journal

FEBRUARY 16, 2022

Philadelphia FIGHT Community Health Centers has recently announced it was the victim of a cyberattack on November 30, 2021. The information potentially compromised in the attack included names, dates of birth, Social Security numbers, medical diagnoses, treatment information, and health insurance information.

Electronic Medical Records 112

Electronic Medical Records Health Insurance Licensing HIPAA 112

HIPAA Journal

MARCH 14, 2022

Capital Region Medical Center (CRMC) in Jefferson City, MO has recently confirmed patient information was accessed by unauthorized individuals in a December 2021 cyberattack that took its network and phone systems offline for several days. The attack was detected on December 17, 2021, when network systems were disrupted.

Electronic Medical Records 138

Electronic Medical Records Health Insurance HIPAA Licensing 138

HIPAA Journal

APRIL 15, 2022

The incident involved the exposure and potential theft of the protected health information of 318,400 patients, including names, addresses, birth dates patient account numbers, medical record numbers, health insurance information, testing, diagnostic, treatment, and claims information.

Electronic Medical Records 125

Electronic Medical Records HIPAA Health Insurance Fraud 125