2022, Health Insurance and Licensing - Health Care Compliance Brief

Health Insurance in Aisle 3: Why a Grocery Chain is Working on Medicare

Health Populi

AUGUST 3, 2021

Under the hood of this effort is Hy-Vee Financial Services, a multi-service financial services company with licenses to serve consumers in Illinois, Iowa, Kansas, Minnesota, Missouri, Nebraska, South Dakota and Wisconsin. The post Health Insurance in Aisle 3: Why a Grocery Chain is Working on Medicare appeared first on HealthPopuli.com.

Health Insurance

Health Insurance Medicare Medicare Licensing

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

HIPAA Journal

OCTOBER 18, 2022

Chambersburg, PA-based Keystone Health has recently announced that it fell victim to a cyberattack on August 19, 2022, which caused temporary disruption to its computer systems. The forensic investigation revealed the hackers first gained access to its systems on July 28, 2022, with access terminated on August 19.

HIPAA

HIPAA Health Insurance Licensing Medicaid

One Brooklyn Health Notifies Patients About November 2022 Cyberattack

HIPAA Journal

APRIL 21, 2023

One Brooklyn Health System, which operates three hospitals in Brooklyn, NY, has started notifying patients affected by a November 19, 2022, cyberattack. One Brooklyn Health said it started mailing notification letters to affected patients on April 20, 2023.

Health Insurance

Health Insurance Licensing HIPAA Hospitals

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

Valle de Sol did not state in its notification letters when hackers gained access to its network, or for how long they had access, but did confirm that the unauthorized activity was detected on January 25, 2022. A comprehensive review was conducted of all files that may have been accessed, which was completed on July 18, 2022.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. In addition to the high number of data breaches, 2022 stands out for the sheer number of healthcare records breached, which currently stands at 49.8

HIPAA

HIPAA Ransomware Health Insurance Compliance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

The breach was detected on January 20, 2022, and immediate action was taken to secure its systems, and an independent computer forensics company was engaged to conduct a forensic investigation to determine the nature and scope of the breach. The files exfiltrated from its systems included the protected health information of patients.

Ransomware

Ransomware Licensing Health Insurance HIPAA

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

According to the breach report filed with the Maine Attorney General, it took until October 3, 2022, to confirm that an unauthorized third party had accessed the email system, which included sensitive information of its members. Notification letters were sent to affected individuals on October 31, 2022.

HIPAA

HIPAA Licensing Health Insurance Fraud

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

The email system was immediately secured when the breach was detected with the forensic investigation confirming that two email accounts had been accessed by an unauthorized third party between January 12, 2022, and January 19, 2022. A limited number of patients also had financial account information exposed.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

Round Up of Recent Hacking Incidents and Email Account Breaches

HIPAA Journal

JANUARY 13, 2023

The attack was detected on November 7, 2022, and steps were taken to contain the attack and secure its systems. Notification letters were mailed to affected individuals on January 6, 2022. Notifications were mailed to affected individuals on December 30, 2022. Quality Behavioral Health – Hacked Network Server.

Health Insurance

Health Insurance Licensing HIPAA Hospitals

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

HIPAA Journal

SEPTEMBER 30, 2022

Physicians Business Office (PBO), a Parkersburg, WV-based provider of medical practice management and administrative services, has recently disclosed a security incident that occurred in April 2022. That process was completed on September 16, 2022, and notification letters were sent shortly thereafter.

Licensing

Licensing HIPAA Health Insurance

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

That process concluded on June 24, 2022. Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers.

Licensing

Licensing Health Insurance Fraud HIPAA

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

HIPAA Journal

MARCH 29, 2023

OU Health – Stolen Laptop Computer OU Medicine Inc. in Oklahoma has reported a breach of the protected health information of 3,013 OU Health patients. On December 26, 2022, an employee’s laptop computer was stolen. Notification letters were mailed to the affected individuals on March 24, 2023.

Hospitals

Hospitals Ransomware Licensing Health Insurance

Email Account Breaches Reported by Legacy Hospice, Live Oak Surgery Center, University of Miami Health

HIPAA Journal

JANUARY 9, 2023

Legacy Operating Company, an Alabama-based operator of Legacy Hospice facilities in Alabama, Arkansas, Louisiana, Mississippi, Missouri, Oklahoma, and Tennessee, has confirmed that an unauthorized third party gained access to a limited number of employee email accounts on February 11, 2022, and between April 7, 2022, and April 21, 2022.

Licensing

Licensing HIPAA Health Insurance Governance

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

HIPAA Journal

MARCH 4, 2022

Crossroads Health in Ohio has experienced a cyberattack that disrupted some of its IT systems. The security incident was detected on January 18, 2022, with the subsequent investigation confirming unauthorized individuals had access to its systems between November 18, 2021, and January 18, 2022.

Health Insurance

Health Insurance Licensing HIPAA

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

HIPAA Journal

FEBRUARY 16, 2022

The investigation confirmed its electronic medical record system and other clinical systems were not compromised in the attack; however, on January 13, 2022, Philadelphia FIGHT discovered the attacker had accessed non-clinical systems that housed files containing the protected health information of around 15,000 patients.

Electronic Medical Records

Electronic Medical Records Health Insurance Licensing HIPAA

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

HIPAA Journal

JULY 14, 2022

The Winston-Salem, NC-based managed behavioral health organization, Carolina Behavioral Health Alliance (CBHA), the administrator of behavioral health benefits for Wake Forest University and Wake Forest Baptist Medical Center, has recently announced it was the victim of a ransomware attack.

Licensing

Licensing Health Insurance Ransomware HIPAA

Data Breaches Reported by CareFirst Administrators, Legacy Health & Blakehurst

HIPAA Journal

DECEMBER 14, 2022

A security breach was identified by Conifer in late March, with the investigation determining several Microsoft 365 had been accessed by unauthorized individuals between March 17 and March 22, 2022. CFA was informed about the breach on June 23, 2022. Patients started to be notified on November 23, 2022.

Health Insurance

Health Insurance HIPAA Licensing

Healthcare Data Potentially Compromised in 5 Hacking Incidents

HIPAA Journal

MAY 2, 2023

NYSARC Columbia County Chapter Notifies Individuals About July 2022 Ransomware Attack NYSARC Columbia County Chapter (COARC) has started notifying certain individuals that some of their protected health information has potentially been obtained by unauthorized individuals in a July 2022 ransomware attack.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

HIPAA Journal

MAY 24, 2022

In March 2022, Partnership HealthPlan of California (PHC) announced that third-party forensic specialists had been engaged to help restore the functionality of its IT systems following a cyberattack. According to the notification, the cyberattack was detected on or around March 19, 2022.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

Notification letters were sent to affected individuals on February 22, 2022. AHA discovered the email breach in early September 2021 and determined on December 2, 2021, that files containing the protected health information of its healthcare provider clients had been accessed. AHA provided notice about the attack on January 6, 2021.

Health Insurance

Health Insurance Licensing Ransomware Fraud

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

According to the hospital operator, Tower Health, the unauthorized access was discovered during a routine audit of medical record access logs. Some of the accessed records included partial Social Security numbers and health insurance information. Notification letters were sent to affected individuals on July 5, 2022.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Parker-Hannifin Cyberattack Affects Almost 120,000 Health Plan Members

HIPAA Journal

MAY 19, 2022

Suspicious activity was detected within its IT environment on March 14, 2022. The forensic investigation confirmed its systems were accessed by unauthorized individuals between March 11, 2022, and March 14, 2022. The breach has been reported to the HHS’ Office for Civil Rights as affecting 119,513 group health plan members.

COVID-19

COVID-19 Health Insurance HIPAA Licensing

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

HIPAA Journal

MAY 2, 2022

Notification letters were mailed on February 22, 2022, and complimentary credit monitoring and identity protection services have been offered to individuals whose Social Security number or driver’s license number was exposed. The email account breaches were detected by the hospital on January 19, 2022.

HIPAA

HIPAA Health Insurance Licensing Hospitals

Cyberattack on SuperCare Health Affects 318,000 Patients

HIPAA Journal

APRIL 7, 2022

SuperCare Health, a Downey, CA-based post-acute, in-home respiratory care provider serving the Western United States, has recently started notifying 318,379 patients that some of their protected health information has been exposed and potentially accessed by unauthorized individuals in a cyberattack that occurred in July 2021.

Licensing

Licensing HIPAA Health Insurance Hospitals

Credential Stuffing Attack Exposed United HealthCare Member Data

HIPAA Journal

MAY 2, 2023

The accounts subjected to unauthorized access included information such as names, birthdates, addresses, health insurance member ID numbers, service dates, provider names, claim details, and group names and numbers. No Social Security numbers, financial information, or driver’s license numbers were exposed.

Licensing

Licensing Health Insurance Hospitals HIPAA

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

HIPAA Journal

MARCH 14, 2022

CRMC said at this stage of the investigation it does not appear that the attackers gained access to its electronic medical record database; however, the files accessed or potentially accessed by the attackers included information such as patient names, addresses, birth dates, medical information, and health insurance information.

Electronic Medical Records

Electronic Medical Records Health Insurance HIPAA Licensing

Six Data Breaches Reported by Healthcare Providers and Business Associates

HIPAA Journal

DECEMBER 20, 2022

Work Health Solutions, a San Jose, CA-based occupational health services provider, has confirmed that the protected health information of 13,157 individuals has been exposed and potentially obtained by unauthorized individuals who had access to an employee email account between February 16, 2-022 and March 24, 2022.

Health Insurance

Health Insurance Licensing Hospitals Fraud

Email Security Incidents Reported by HealthPlex and Optima Dermatology

HIPAA Journal

MAY 9, 2022

Healthplex said notification letters were sent to affected individuals on April 15, 2022, who have been offered complimentary identity theft protection services through Lifelock. No evidence was found to indicate Social Security numbers, driver’s license numbers, or financial account/payment card information were exposed or compromised.

ADA

ADA Licensing Health Insurance HIPAA

Alabama Healthcare Provider Announces 441,000-Record Data Breach

HIPAA Journal

MARCH 20, 2023

The Birmingham, AL, Heart Hospital, Cardiovascular Associates, has recently announced that unauthorized individuals gained access to certain parts of its network between November 28, 2022, and December 5, 2022, and removed files containing patient information.

Licensing

Licensing HIPAA Health Insurance Hospitals

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

The two health insurance firms confirmed they had been affected in late February 2022, with PracticeMax publicly reporting the breach in the fall of 2021. A server used by PracticeMax and several email accounts were affected and data on its systems was encrypted.

Ransomware

Ransomware Health Insurance Licensing HIPAA

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

The Manchester, NH-based medical equipment company, NuLife Med LLC, has recently announced it was the victim of a cyberattack in March 2022. Suspicious network activity was detected on or around March 11, 2022, and steps were immediately taken to prevent further unauthorized network access.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

SuperCare Health Sued Over 318,000-Record Data Breach

HIPAA Journal

APRIL 15, 2022

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that was reported to the Department of Health and Human Services on March 28, 2022. A subset of individuals also had their Social Security numbers and/or driver’s license numbers exposed.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Fraud

Four Healthcare Providers Hit with Ransomware Attacks

HIPAA Journal

MARCH 1, 2022

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals. Jax Spine & Pain Centers. Augustine locations prior to May 2018.

Ransomware

Ransomware Licensing HIPAA Health Insurance

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Social Action Community Health System (SAC Health) has recently notified 149,940 patients that documents containing their protected health information were stolen in a break-in at an off-site storage location where patient records were stored. Notification letters were sent to those individuals on May 3, 2022.

Ransomware

Ransomware Fraud HIPAA Licensing

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

HIPAA Journal

MAY 19, 2022

The settlement has received preliminary approval from the court and a final hearing for the settlement has been scheduled for September 12, 2022. The deadline for submitting a claim is August 8, 2022, and the deadline for objecting to the settlement or requesting to be excluded from the settlement is August 22, 2022.

Licensing

Licensing HIPAA Health Insurance Medicaid

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

Anthem has confirmed that the protected health information of certain plan members has been compromised in a data breach at its vendor, Choice Health. Choice Health was provided with the data of plan members to perform its contracted duties. CareOregon Reports August 2022 Mailing Error.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Arcare, a provider of primary care and behavioral health services in Arkansas, Mississippi, and Kentucky has confirmed that patient data was potentially accessed by unauthorized individuals in a cyberattack that was discovered on February 24, 2022.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists

HIPAA Journal

JUNE 9, 2022

A programmatic and manual review of the affected email account was completed on March 18, 2022. Platinum Hospitalists has recently started notifying 6,000 patients that some of their protected health information has potentially been compromised. Platinum Hospitalists Discovers Phishing Attack and Data Breach.

Licensing

Licensing HIPAA Health Insurance Hospitals

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

HIPAA Journal

APRIL 18, 2022

The types of information exposed included names, Social Security numbers, driver’s license numbers, state-issued I.D. numbers, financial account numbers, passport numbers, medical information, and/or health insurance information. Complimentary credit monitoring services have been offered to eligible individuals.

Licensing

Licensing HIPAA Health Insurance Hospitals

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The investigation confirmed that an unauthorized individual gained access to a server that housed patient information such as names, contact information, birth dates, Social Security numbers, driver’s license numbers, limited health information, and/or health insurance policy numbers.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Lake Charles Memorial Health System Cyberattack Affects Almost 270,000 Patients

HIPAA Journal

DECEMBER 29, 2022

The Louisiana healthcare system said suspicious activity was detected by its security team on October 21, 2022, and steps were taken to contain the activity and investigate a potential breach. The Palm Springs, FL-based federally qualified health center, FoundCare Inc., Some Social Security numbers were also compromised.

Ransomware

Ransomware Health Insurance Licensing Medical Billing

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

The administrative service provider said suspicious activity was detected within its network in early December 2022, and the forensic investigation confirmed on December 15, 2022, that an unauthorized third party accessed parts of its computer network where personal health information was stored.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients

HIPAA Journal

JANUARY 5, 2023

Back in June 2022 , HIPAA Journal reported on a cyberattack on Fitzgibbon Hospital in Marshall, MO, after being contacted directly by a spokesperson for a threat group called DAIXIN Team, who claimed responsibility for the attack. Howard Memorial Hospital Announces December 2022 Cyberattack.

Ransomware

Ransomware Hospitals HIPAA Licensing

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

HIPAA Journal

JULY 20, 2022

While data theft could not be determined, the affected email accounts contained the protected health information of patients of 19 of its hospitals, including names, birth dates, health insurance information, Social Security numbers, driver’s license, and healthcare data. BJC HealthCare has committed $2.7

Fraud

Fraud Licensing HIPAA Health Insurance

Health Insurance in Aisle 3: Why a Grocery Chain is Working on Medicare

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

Webinars

Trending Sources

One Brooklyn Health Notifies Patients About November 2022 Cyberattack

Webinars

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Editorial: Lessons from Biggest HIPAA Breaches of 2022

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

Round Up of Recent Hacking Incidents and Email Account Breaches

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

Email Account Breaches Reported by Legacy Hospice, Live Oak Surgery Center, University of Miami Health

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

Data Breaches Reported by CareFirst Administrators, Legacy Health & Blakehurst

Healthcare Data Potentially Compromised in 5 Hacking Incidents

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Parker-Hannifin Cyberattack Affects Almost 120,000 Health Plan Members

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

Cyberattack on SuperCare Health Affects 318,000 Patients

Credential Stuffing Attack Exposed United HealthCare Member Data

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

Six Data Breaches Reported by Healthcare Providers and Business Associates

Email Security Incidents Reported by HealthPlex and Optima Dermatology

Alabama Healthcare Provider Announces 441,000-Record Data Breach

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

SuperCare Health Sued Over 318,000-Record Data Breach

Four Healthcare Providers Hit with Ransomware Attacks

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

Lake Charles Memorial Health System Cyberattack Affects Almost 270,000 Patients

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

Stay Connected