2022, Fraud and Health Insurance - Health Care Compliance Brief

CentraState Medical Center Facing Class Action Lawsuit Over December 2022 Ransomware Attack

HIPAA Journal

FEBRUARY 22, 2023

A lawsuit has been filed against Freehold Township, NJ-based CentraState Healthcare System over its December 2022 ransomware attack, a few days after the health system started sending notification letters to around 617,000 affected patients.

Ransomware

Ransomware Fraud Health Insurance HIPAA

2022 Healthcare Data Breach Report

HIPAA Journal

JANUARY 24, 2023

For the first time since 2015, there was a year-over-year decline in the number of data breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR), albeit only by 1.13% with 707 data breaches of 500 or more records reported. million records in 2022. million records in 2021 to 51.9

HIPAA

HIPAA Ransomware Hospitals Fraud

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. In addition to the high number of data breaches, 2022 stands out for the sheer number of healthcare records breached, which currently stands at 49.8

HIPAA

HIPAA Ransomware Health Insurance Compliance

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

Valle de Sol did not state in its notification letters when hackers gained access to its network, or for how long they had access, but did confirm that the unauthorized activity was detected on January 25, 2022. A comprehensive review was conducted of all files that may have been accessed, which was completed on July 18, 2022.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Humana Members Impacted by Choice Health Data Breach

HIPAA Journal

SEPTEMBER 29, 2022

Humana has recently announced that the protected health information of 22,767 individuals has potentially been compromised in a security incident and data breach at one of its business associates – Choice Health – which Human used to sell Medicare products on its behalf.

Health Insurance

Health Insurance Medicare Medicare Fraud

Magellan Health Settles Class Action Data Breach Lawsuit for $1.43 Million

HIPAA Journal

SEPTEMBER 30, 2022

The plaintiffs alleged the security failures were in violation of the Health Insurance Portability and Accountability Act, although the lawsuit was filed over the violation of state laws. The plaintiffs also took issue with how Magellan Health handled the data breach and the delay in issuing notifications.

Fraud

Fraud HIPAA Health Insurance

Lamoille Health Partners Facing Class Action Lawsuit Over 58K-Record Data Breach

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. The attack was detected on June 13, 2022, with the investigation confirming the attackers gained access to its network the previous day.

HIPAA

HIPAA Ransomware Fraud Health Insurance

First Choice Community Healthcare and Arlington Skin Notify Patients About Cyberattacks

HIPAA Journal

AUGUST 5, 2022

In a substitute breach notification, First Choice explained that unusual activity was detected within its technological environment on March 27, 2022. Affected individuals were notified about the breach by mail on August 1, 2022, and have been offered complimentary identity theft protection services through IDX.

Electronic Medical Records

Electronic Medical Records Health Insurance Fraud HIPAA

Data Theft Incidents Reported at Choice Health, MCG Health, & Goodman Campbell Brain and Spine

HIPAA Journal

JUNE 15, 2022

The South Carolina-based health insurance company, Choice Health, now part of Alight Solutions, has recently announced that the protected health information of some of its members has been obtained by an unauthorized individual. That issue meant the database could be accessed over the internet without authorization.

Ransomware

Ransomware Health Insurance Fraud HIPAA

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

That process concluded on June 24, 2022. Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers. The information exposed varied from patient to patient.

Licensing

Licensing Health Insurance Fraud HIPAA

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

According to the breach report filed with the Maine Attorney General, it took until October 3, 2022, to confirm that an unauthorized third party had accessed the email system, which included sensitive information of its members. Notification letters were sent to affected individuals on October 31, 2022.

HIPAA

HIPAA Licensing Health Insurance Fraud

Four Californian Medical Groups Sued over Data Breach Affecting 3.3 Million Patients

HIPAA Journal

MARCH 7, 2023

The cyberattack in question occurred on December 1, 2022. Hackers gained access to the medical groups’ IT systems, preventing access to certain servers on December 2, 2022. The attempted fraudulent activity occurred between December 2022 and February 2023, before being informed by the defendants about the data breach.

Fraud

Fraud Health Insurance Doctors HIPAA

Rise Interactive Media & Analytics Sued Over Edgepark Medical Supplies Data Breach

HIPAA Journal

MARCH 30, 2023

A lawsuit has been filed against the digital marketing agency, Rise Interactive Media & Analytics, over a cyberattack in which the protected health information of approximately 54,500 patients of Edgepark Medical Supplies was compromised.

Health Insurance

Health Insurance Fraud HIPAA

SuperCare Health Sued Over 318,000-Record Data Breach

HIPAA Journal

APRIL 15, 2022

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that was reported to the Department of Health and Human Services on March 28, 2022. In 2021, the law firm was involved in 23 incidents, and 58 lawsuits were filed in response to those breaches.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Fraud

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Social Action Community Health System (SAC Health) has recently notified 149,940 patients that documents containing their protected health information were stolen in a break-in at an off-site storage location where patient records were stored. Notification letters were sent to those individuals on May 3, 2022.

Ransomware

Ransomware Fraud HIPAA Licensing

VisionWeb Data Breach Affects Up to 35,900 Individuals

HIPAA Journal

OCTOBER 18, 2022

According to the breach report sent to the HHS on October 3, 2022, unauthorized individuals gained access to its email environment which contained patient information. Suspicious email account activity was detected on June 1, 2022, and immediate action was taken to secure the account. Eventus WholeHealth Announces Email Account Breach.

Fraud

Fraud HIPAA Health Insurance Governance

Patient Data Stolen in July 2021 Cyberattack on Chelan Douglas Health District

HIPAA Journal

MARCH 24, 2022

Notification letters started to be sent to affected individuals on March 15, 2022. Notification letters started to be sent to affected individuals on March 15, 2022. Chelan Douglas Health District said it is unaware of any cases of identity fraud or other misuse of patient data.

Ransomware

Ransomware Fraud Hospitals HIPAA

Independent Living Systems Sued Over 4 Million-Record Data Breach

HIPAA Journal

MARCH 21, 2023

ILS Identified the breach in July 2022 and determined unauthorized individuals had access to its network between June 30, 2022, and July 5, 2022. Affected individuals were offered complimentary credit monitoring services and security measures have been enhanced to prevent further data breaches. The lawsuit was filed by Joseph G.

Fraud

Fraud Health Insurance Medicaid Medicaid

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

HIPAA Journal

NOVEMBER 23, 2022

The attack occurred between January 26 and January 28, 2022, and while the attack was detected by the firm’s endpoint security solution shortly after the ransomware was executed, it was not possible to prevent the encryption of certain files on its network.

Ransomware

Ransomware Fraud Licensing HIPAA

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

HIPAA Journal

JULY 20, 2022

While data theft could not be determined, the affected email accounts contained the protected health information of patients of 19 of its hospitals, including names, birth dates, health insurance information, Social Security numbers, driver’s license, and healthcare data. BJC HealthCare has committed $2.7

Fraud

Fraud Licensing HIPAA Health Insurance

Logan Health Facing Class Action Lawsuit Over Data Breach

HIPAA Journal

MARCH 11, 2022

District Court for the District of Montana Great Falls Division by law firm Heenan & Cook on behalf of plaintiff Allison Smeltz and all similarly affected individuals over the alleged failure of the health system to protect the plaintiff’s and class members’ sensitive personal information.

HIPAA

HIPAA Health Insurance Medical Billing Fraud

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance

Health Insurance Licensing Ransomware Fraud

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

HIPAA Journal

DECEMBER 19, 2022

Avem Health Partners, an Oklahoma City-based provider of administrative and technology services to healthcare organizations, has recently started notifying its healthcare clients about a data breach that occurred at one of its vendors, 365 Data Centers. Department of Labor (DOL) on August 24, 2022. The DOL and the U.S.

Fraud

Fraud Licensing HIPAA Health Insurance

Dental Care Alliance Settles Class Action Data Breach Lawsuit for $3 Million

HIPAA Journal

AUGUST 4, 2022

The forensic investigation confirmed that names, addresses, diagnoses, treatment information, patient account numbers, billing information, dentists’ names, payment card information, and health insurance information had potentially been compromised. The deadline for opting out of the settlement – July 26, 2022 – has now passed.

Fraud

Fraud HIPAA Health Insurance

Pharma Sales Rep Pleads Guilty to Healthcare Fraud and Criminal HIPAA Violations

HIPAA Journal

OCTOBER 21, 2022

A pharmaceutical sales rep has pleaded guilty to conspiring to commit healthcare fraud and wrongfully disclosing and obtaining patients’ protected health information in an elaborate healthcare fraud scheme involving criminal HIPAA violations. Ritson identified the patients through the medical practice of Dr. Frank Alario.

Fraud

Fraud HIPAA FDA Health Insurance

Settlement Agreed to Resolve RIPTA Ransomware Attack Lawsuit

HIPAA Journal

MARCH 11, 2025

An investigation was launched, and it was confirmed that RIPTAs previous health insurance provider, UnitedHealthcare of New England, had provided RIPTA with files containing the data of non-RIPTA employees, and that data was compromised in the attack.

Ransomware

Ransomware Fraud HIPAA Health Insurance

Lawsuit Alleges Obamacare Plan-Switching Scheme Targeted Low-Income Consumers

Kaiser Health News

APRIL 16, 2024

The push began after March 2022, when a special enrollment period for low-income people became available, opening up a year-round opportunity to enroll in an ACA plan. “Unfortunately, there’s so much fraud that legitimate agents who are really trying to help people are also being pushed out.”

ACA

ACA Health Insurance Governance Medical Billing

Six Data Breaches Reported by Healthcare Providers and Business Associates

HIPAA Journal

DECEMBER 20, 2022

Work Health Solutions, a San Jose, CA-based occupational health services provider, has confirmed that the protected health information of 13,157 individuals has been exposed and potentially obtained by unauthorized individuals who had access to an employee email account between February 16, 2-022 and March 24, 2022.

Health Insurance

Health Insurance Licensing Hospitals Fraud

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

HIPAA Journal

APRIL 1, 2022

For the second time this year, the health district has announced patient data has potentially been compromised after an employee responded to a phishing email. Last week, SRHD confirmed that the email account contained the protected health information of 1,260 individuals.

Fraud

Fraud HIPAA Licensing Health Insurance

Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare

Healthcare IT Today

NOVEMBER 22, 2024

According to a report from the Office of the Director of National Intelligence, ransomware attacks on healthcare organizations doubled between 2022 and 2023 , making the healthcare sector one of the fastest-growing targets for cybercriminals.

Ransomware

Ransomware Hospitals COVID-19 Compliance

277,000 Santa Clara Family Health Plan Members Affected by GoAnywhere Hack

HIPAA Journal

APRIL 25, 2023

On February 13, 2023, NationsBenefits confirmed that the data compromised in the attack included protected health information such as name, address, phone number, gender, date of birth, health insurance number, medical ID number, Social Security number, date(s) of service, medical device or product purchased, and provider/caregiver name.

Health Insurance

Health Insurance Public Health Ransomware Fraud

Data Breaches Reported by University Urology and McPherson Hospital

HIPAA Journal

MAY 10, 2023

McPherson Hospital – Ransomware Attack McPherson Hospital in Kansas has recently issued notification letters to 19,020 patients to alert them about a July 2022 ransomware attack. Notification letters were sent in early May, almost 10 months after the attack. The unauthorized access was traced to a former employee.

Hospitals

Hospitals Ransomware Health Insurance Fraud

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

Notification letters will be sent to the affected individuals in the coming weeks and credit monitoring, fraud consultation, and identity theft restoration services will be offered. A third-party data review company was provided with the files on December 22, 2022, and provided the results of the analysis to SHS on May 16, 2023.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

FEBRUARY 16, 2023

The investigation confirmed hackers had access to, and potentially stole, the protected health information of patients such as names, Social Security numbers, driver’s license information, dates of birth, health insurance, medical treatment information, and financial account information. Advent Health Partners, Inc.

HIPAA

HIPAA Fraud Licensing Health Insurance

Centene Will Pay $19 Million to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

FEBRUARY 23, 2024

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Centene Will Pay $19 Million to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

NOVEMBER 29, 2022

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Centene to Pay Washington State $19 Million to Resolve Medicaid Fraud Allegations

The Health Law Firm Blog

OCTOBER 14, 2022

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

True Health New Mexico Proposes Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

MARCH 1, 2023

The Albuquerque, NM-based health insurance provider, True Health New Mexico, has proposed a settlement to resolve claims related to a 2021 data breach that affected 62,983 members of its health plans. True Health New Mexico Inc. , all of which were filed in the 2nd District Court of the State of New Mexico.

Fraud

Fraud Ransomware Health Insurance HIPAA

Mon Health Faces Class Action Lawsuit Over 493K Record Data Breach

HIPAA Journal

OCTOBER 6, 2022

Mon Health said it detected the breach on December 30, 2021, with the forensic investigation determining hackers accessed its network between December 9 and December 19. The lawsuit, which names Monongalia Health Systems Inc. and affiliated hospitals, Monongalia County General Hospital Co., Stonewall Jackson Memorial Hospital Co.,

HIPAA

HIPAA Fraud Hospitals Health Insurance

Centene Agrees to Pay $19 Million to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

MARCH 14, 2024

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Centene Will Pay $19 Million Settlement to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

FEBRUARY 1, 2024

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Centene Agrees to Pay $19 Million to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

DECEMBER 19, 2022

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Centene Will Pay $19 Million Settlement to Washington State For Medicaid Fraud Allegations

The Health Law Firm Blog

NOVEMBER 7, 2022

Board Certified by The Florida Bar in Health Law On August 24, 2022, managed healthcare company, Centene Corporation, agreed to pay $19 million to the State of Washington to settle fraud allegations. Centene owns and operates Sunshine State Health Plan, d/b/a Sunshine Health, in Florida. By George F.

Fraud

Fraud Medicaid Medicaid Overpayment

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

CentraState Medical Center Facing Class Action Lawsuit Over December 2022 Ransomware Attack

2022 Healthcare Data Breach Report

Webinars

Trending Sources

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Webinars

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Humana Members Impacted by Choice Health Data Breach

Magellan Health Settles Class Action Data Breach Lawsuit for $1.43 Million

Lamoille Health Partners Facing Class Action Lawsuit Over 58K-Record Data Breach

First Choice Community Healthcare and Arlington Skin Notify Patients About Cyberattacks

Data Theft Incidents Reported at Choice Health, MCG Health, & Goodman Campbell Brain and Spine

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Four Californian Medical Groups Sued over Data Breach Affecting 3.3 Million Patients

Rise Interactive Media & Analytics Sued Over Edgepark Medical Supplies Data Breach

SuperCare Health Sued Over 318,000-Record Data Breach

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

VisionWeb Data Breach Affects Up to 35,900 Individuals

Patient Data Stolen in July 2021 Cyberattack on Chelan Douglas Health District

Independent Living Systems Sued Over 4 Million-Record Data Breach

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

Logan Health Facing Class Action Lawsuit Over Data Breach

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

Dental Care Alliance Settles Class Action Data Breach Lawsuit for $3 Million

Pharma Sales Rep Pleads Guilty to Healthcare Fraud and Criminal HIPAA Violations

Settlement Agreed to Resolve RIPTA Ransomware Attack Lawsuit

Lawsuit Alleges Obamacare Plan-Switching Scheme Targeted Low-Income Consumers

Six Data Breaches Reported by Healthcare Providers and Business Associates

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare

277,000 Santa Clara Family Health Plan Members Affected by GoAnywhere Hack

Data Breaches Reported by University Urology and McPherson Hospital

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

Centene Will Pay $19 Million to Washington State For Medicaid Fraud Allegations

Centene Will Pay $19 Million to Washington State For Medicaid Fraud Allegations

Centene to Pay Washington State $19 Million to Resolve Medicaid Fraud Allegations

True Health New Mexico Proposes Settlement to Resolve Class Action Data Breach Lawsuit

Mon Health Faces Class Action Lawsuit Over 493K Record Data Breach

Centene Agrees to Pay $19 Million to Washington State For Medicaid Fraud Allegations

Centene Will Pay $19 Million Settlement to Washington State For Medicaid Fraud Allegations

Centene Agrees to Pay $19 Million to Washington State For Medicaid Fraud Allegations

Centene Will Pay $19 Million Settlement to Washington State For Medicaid Fraud Allegations

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Stay Connected