HIPAA Journal

OCTOBER 21, 2022

A pharmaceutical sales rep has pleaded guilty to conspiring to commit healthcare fraud and wrongfully disclosing and obtaining patients’ protected health information in an elaborate healthcare fraud scheme involving criminal HIPAA violations. Ritson identified the patients through the medical practice of Dr. Frank Alario.

Fraud 63

Fraud HIPAA FDA Health Insurance 63

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA 94

HIPAA Ransomware Health Insurance Fraud 94

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 110

HIPAA Ransomware Malpractice Health Insurance 110

HIPAA Journal

OCTOBER 21, 2022

There are – and always have been – gaps in HIPAA and, after more than a quarter of a century, some have yet to be addressed. Most of the gaps in HIPAA are attributable to omissions from the original Act, provisions of HIPAA and HITECH that have never been enacted, and the increasing use of technology in healthcare.

HIPAA 105

HIPAA Compliance Medicare Medicare 105

Healthcare It News

DECEMBER 5, 2022

" Community also said that the investigation has not found evidence that misuse or fraud has occurred as a result of the breach, and it "cannot say with certainty what information was involved." ON THE RECORD. Andrea Fox is senior editor of Healthcare IT News. Email: afox@himss.org. Healthcare IT News is a HIMSS publication.

Fraud 305

Fraud HIPAA Compliance Hospitals 305

Compliancy Group

MAY 27, 2022

Here’s a roundup of recent HIPAA breach lawsuits and settlements. Lawsuits Increasing Following HIPAA Breaches – Facts and Figures. The cybercriminals stole more than 400GB of data before encrypting the organization’s files on March 19, 2022. Let’s Simplify Compliance HIPAA and cybersecurity go hand-in-hand.

HIPAA 98

HIPAA Ransomware Hospitals Compliance 98

Compliancy Group

JANUARY 25, 2022

With at least six weeks before final numbers are in, the Department of Health and Human Services HIPAA Breach Reporting Tool website is reporting 713 major healthcare data breaches in 2021, an increase of more than 7.5 Trends of Major Healthcare Data Breaches Continue in 2022. Protected health information (PHI) from more than 45.7

HIPAA 98

HIPAA Ransomware Governance Fraud 98

HIPAA Journal

NOVEMBER 16, 2022

According to the breach report filed with the Maine Attorney General, it took until October 3, 2022, to confirm that an unauthorized third party had accessed the email system, which included sensitive information of its members. Notification letters were sent to affected individuals on October 31, 2022.

HIPAA 94

HIPAA Licensing Health Insurance Fraud 94

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. The attack was detected on June 13, 2022, with the investigation confirming the attackers gained access to its network the previous day.

HIPAA 112

HIPAA Ransomware Fraud Health Insurance 112

HIPAA Journal

APRIL 20, 2022

A comprehensive review of affected files was conducted, and that process was concluded on February 23, 2022. The notification letters state that credit monitoring, fraud consultation, and identity theft restoration services are being offered through Kroll for 12 months at no cost.

US Department of Health and Human Services 139

US Department of Health and Human Services Fraud HIPAA 139

HIPAA Journal

JUNE 14, 2022

Kaiser Permanente said it was alerted to a security incident involving its email system on April 5, 2022. Notifications were sent to affected individuals on June 3, 2022, who have been advised to be vigilant for potential fraud. Kaiser Permanente provides healthcare services to more than 12.5

Fraud 123

Fraud HIPAA 123

HIPAA Journal

AUGUST 29, 2023

The HHS’ Office for Civil Rights released guidance in 2022 on HIPAA and website tracking technologies and confirmed disclosures of protected health information to third parties via website tracking technologies is a HIPAA violation unless authorization has been received from patients or if there is a valid business associate agreement in place.

HIPAA 79

HIPAA Fraud Health Insurance Compliance 79

HIPAA Journal

APRIL 15, 2022

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that was reported to the Department of Health and Human Services on March 28, 2022. The post SuperCare Health Sued Over 318,000-Record Data Breach appeared first on HIPAA Journal. The lawsuit, Vickey Angulo v.

Electronic Medical Records 122

Electronic Medical Records HIPAA Health Insurance Fraud 122

HIPAA Journal

FEBRUARY 1, 2023

When a data breach occurs and sensitive information is disclosed, the HIPAA Breach Notification Rule requires affected individuals to be notified. The 2022 Data Breach Report from the Identity Theft Resource Center (ITRC) has confirmed this trend. The LastPass data breach was a good case in point.

Fraud 121

Fraud HIPAA Ransomware Compliance 121

HIPAA Journal

JUNE 15, 2022

Choice Health discovered on May 14, 2022, that an individual was offering a set of data that had allegedly been stolen from Choice Health. Choice Health determined that the database had been found and certain database files had been copied by an unauthorized individual on May 7, 2022.

Ransomware 141

Ransomware Health Insurance Fraud HIPAA 141

HIPAA Journal

MAY 25, 2022

The break-in was discovered on March 4, 2022, with the subsequent investigation confirming on April 22, 2022, that six boxes of paper documents had been stolen from the facility, which included files relating to patients served by SAC Health in 1997 and between 2006 and 2020. Lifespan Services Suffers Ransomware Attack.

Ransomware 131

Ransomware Fraud HIPAA Licensing 131

HIPAA Journal

DECEMBER 8, 2022

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. Those files were stolen on July 13, 2022. The breach investigation revealed the ransomware gang first gained access to the network on or around May 26, 2022.

Ransomware 108

Ransomware HIPAA Fraud 108

HIPAA Journal

NOVEMBER 7, 2022

On September 1, 2022, OakBend Medical Center discovered its systems had been compromised and files had been encrypted. On October 28, 2022, two patients affected by the data breach – Ryan Higgs and Alissa Wojnar – took legal action over the theft of their protected health information. OakBend Medical Center.

HIPAA 105

HIPAA Fraud 105

HIPAA Journal

SEPTEMBER 30, 2022

Had notifications been issued sooner, the plaintiffs argued that they could have taken steps to protect against identity theft and fraud. Class members that have incurred costs related to credit monitoring and fraud resolution may also be able to claim back those costs. Million appeared first on HIPAA Journal.

Fraud 102

Fraud HIPAA Health Insurance 102

HIPAA Journal

MARCH 24, 2022

Notification letters started to be sent to affected individuals on March 15, 2022. Chelan Douglas Health District said it is unaware of any cases of identity fraud or other misuse of patient data. The post Patient Data Stolen in July 2021 Cyberattack on Chelan Douglas Health District appeared first on HIPAA Journal.

Ransomware 130

Ransomware Fraud Hospitals HIPAA 130

HIPAA Journal

MARCH 7, 2023

The cyberattack in question occurred on December 1, 2022. Hackers gained access to the medical groups’ IT systems, preventing access to certain servers on December 2, 2022. The attempted fraudulent activity occurred between December 2022 and February 2023, before being informed by the defendants about the data breach.

Fraud 118

Fraud Health Insurance Doctors HIPAA 118

HIPAA Journal

JUNE 15, 2022

On May 27, 2022, the Massachusetts-based medical imaging service provider reported the data breach to the HHS’ Office for Civil Rights and confirmed that an unauthorized actor had access to some of its IT systems from March 7 to March 21, 2022.

Fraud 114

Fraud HIPAA 114

HIPAA Journal

OCTOBER 17, 2022

Valle de Sol did not state in its notification letters when hackers gained access to its network, or for how long they had access, but did confirm that the unauthorized activity was detected on January 25, 2022. A comprehensive review was conducted of all files that may have been accessed, which was completed on July 18, 2022.

Health Insurance 121

Health Insurance Licensing Fraud HIPAA 121

Compliancy Group

AUGUST 31, 2022

Department of Justice’s (DOJ) Civil Cyber Fraud Initiative (CCFI). Details of DOJ Cyber Fraud Initiative Settlements. Let’s Simplify Compliance Do you need help with HIPAA? × Automated HIPAA Compliance. DOJ Cyber Fraud Initiative and the HIPAA Connection. Compliancy Group can help! Learn More! ×

Fraud 52

Fraud HIPAA Electronic Medical Records Governance 52

HIPAA Journal

NOVEMBER 23, 2022

The attack occurred between January 26 and January 28, 2022, and while the attack was detected by the firm’s endpoint security solution shortly after the ransomware was executed, it was not possible to prevent the encryption of certain files on its network.

Ransomware 115

Ransomware Fraud Licensing HIPAA 115

HIPAA Journal

JANUARY 10, 2023

An external investigation into credit card fraud pointed to Captify Health as the source of a data breach. The affected individuals were then identified and contact information was verified, and breach notification letters were sent on December 16, 2022.

HIPAA 110

HIPAA Doctors Fraud Compliance 110

HIPAA Journal

JULY 20, 2022

In May 2022, BJC HealthCare reported another email breach to the HHS’ Office for Civil Rights. The post BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack appeared first on HIPAA Journal. BJC HealthCare agreed to settle the lawsuit with no admission of liability or wrongdoing.

Fraud 119

Fraud Licensing HIPAA Health Insurance 119

HIPAA Journal

OCTOBER 18, 2022

According to the breach report sent to the HHS on October 3, 2022, unauthorized individuals gained access to its email environment which contained patient information. Suspicious email account activity was detected on June 1, 2022, and immediate action was taken to secure the account. Eventus WholeHealth Announces Email Account Breach.

Fraud 106

Fraud HIPAA Health Insurance Governance 106

HIPAA Journal

SEPTEMBER 29, 2022

On May 18, 2022, Choice Health learned that a Choice Health database was accessible over the Internet, with the investigation confirming the misconfiguration was caused by a third-party service provider. The exposed database was detected by Choice Health on May 14, 2022, with the theft of database files identified on May 18.

Health Insurance 115

Health Insurance Medicare Medicare Fraud 115

HIPAA Journal

JANUARY 17, 2023

The security breach was detected on June 29, 2022, when staff members were prevented from accessing files. Leading third-party cybersecurity experts were engaged to investigate the incident and determine the nature and scope of the breach and confirmed that the threat actors had access to its network between June 15, 2022, and June 29, 2022.

Ransomware 112

Ransomware Fraud HIPAA Licensing 112

HIPAA Journal

MARCH 21, 2023

ILS Identified the breach in July 2022 and determined unauthorized individuals had access to its network between June 30, 2022, and July 5, 2022. The post Independent Living Systems Sued Over 4 Million-Record Data Breach appeared first on HIPAA Journal.

Fraud 111

Fraud Health Insurance Medicaid Medicaid 111

HIPAA Journal

DECEMBER 19, 2022

On September 9, 2022, 365 Data Centers notified Avem Health Partners that an unauthorized third party had gained access to its servers. The breach was detected on May 16, 2022, with the investigation confirming there may have been unauthorized access to data stored on those servers prior to May 14, 2022. The DOL and the U.S.

Fraud 102

Fraud Licensing HIPAA Health Insurance 102

HIPAA Journal

AUGUST 4, 2022

The plaintiffs alleged that they face an increased risk of identity theft and fraud due to the negligence of Dental Care Alliance and that their sensitive personal and protected health information is now in the hands of data thieves. The deadline for opting out of the settlement – July 26, 2022 – has now passed.

Fraud 120

Fraud HIPAA Health Insurance 120

HIPAA Journal

OCTOBER 6, 2022

The two patients named in the lawsuit, Jahima Scott and Darlene Johnson, claimed to have had their identities stolen as a direct result of the breach, with both claiming they were victims of credit card fraud shortly after the data breach occurred. A final approval hearing has been scheduled for October 26, 2022.

Electronic Medical Records 121

Electronic Medical Records Fraud COVID-19 HIPAA 121

HIPAA Journal

SEPTEMBER 9, 2022

That process concluded on June 24, 2022. As a precaution against identity theft and fraud, complimentary memberships have been offered to a credit monitoring service for 12 months. has recently notified the Montana Attorney General about a cyberattack that was detected on April 11, 2022. appeared first on HIPAA Journal.

Licensing 109

Licensing Health Insurance Fraud HIPAA 109

HIPAA Journal

MARCH 13, 2023

Revenetics is facing a class action lawsuit over its December 2022 cyberattack and data breach that affected more than 250,000 individuals. The post Revenetics Facing Class Action Lawsuit Over Royal Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 116

Ransomware Fraud HIPAA 116

HIPAA Journal

AUGUST 5, 2022

In a substitute breach notification, First Choice explained that unusual activity was detected within its technological environment on March 27, 2022. Affected individuals were notified about the breach by mail on August 1, 2022, and have been offered complimentary identity theft protection services through IDX.

Electronic Medical Records 98

Electronic Medical Records Health Insurance Fraud HIPAA 98