Fraud, HIPAA and Licensing - Health Care Compliance Brief

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Compliancy Group

DECEMBER 9, 2024

Patient files, clinical and treatment information, and information related to insurance or claim information, constitute electronic protected health information (ePHI) under the Health Insurance Portability and Accountability Act (HIPAA). Mitigate risk through a risk management plan.

Ransomware

Ransomware Licensing HIPAA Compliance

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

Compliancy Group

JANUARY 23, 2025

A classic example is Medicare fraud. Providers who bill Medicare for services they did not actually provide and who present the bill with the knowledge that the service was not performed have committed Medicare fraud. The DOJ has focused much of its anti-fraud efforts on pursuing these cases, litigating several of them in 2024.

Fraud

Fraud Medicare Medicare Regulatory Compliance

When HIPAA Becomes Criminal

Healthcare IT Today

DECEMBER 20, 2022

Five former employees of Methodist Hospital in Memphis, TN, including a recently-licensed Registered Nurse, were indicted by a federal grand jury for allegedly selling medical information about car accident victims to personal injury attorneys and chiropractors. Harvey could receive up to 70 years in prison, pay a fine of $1.75

HIPAA

HIPAA Nurses Licensing Compliance

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

Laboratory Services Cooperative Breach Impacts 1.6 Million People

HIPAA Journal

APRIL 11, 2025

Additional identifiers such as Social Security Numbers, driver’s license/state ID numbers, passport numbers, dates of birth, demographic data, student ID numbers, and other government identifiers. Million People appeared first on The HIPAA Journal. The post Laboratory Services Cooperative Breach Impacts 1.6

Ransomware

Ransomware Fraud HIPAA Licensing

Is Stripe HIPAA Compliant?

HIPAA Journal

JANUARY 10, 2024

Stripe is not HIPAA compliant and – other than its payment processing services – should not be used by covered entities and business associates to create, collect, store, or transmit Protected Health Information (PHI). As well as its payment processing activities, Stripe provides billing, identity verification, and fraud management services.

HIPAA

HIPAA US Department of Health and Human Services Fraud Telemedicine

Retina Group of Washington Agrees to $3.6 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

APRIL 16, 2025

The hackers encrypted files and stole data such as names, addresses, telephone numbers, email addresses, dates of birth, demographic information, Social Security numbers, drivers license numbers, medical record numbers, health information, payment information, and health insurance information. Bean of Siri & Glimstad LLP.

Ransomware

Ransomware Fraud Licensing HIPAA

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

The review of the compromised email accounts confirmed they contain information such as names, addresses, dates of birth, driver’s license numbers, state identification card numbers, financial account numbers, usernames and passwords, payment card information, medical histories, and health insurance information.

HIPAA

HIPAA Licensing Health Insurance Fraud

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information. The post Cyberattack on Sunflower Medical Group Affects 221,000 Patients appeared first on The HIPAA Journal.

Department of Veterans Affairs

Department of Veterans Affairs Licensing Ransomware Fraud

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Healthcare IT Today

MARCH 26, 2025

As the sector adapts, telehealth providers must navigate new compliance challenges, particularly regarding controlled substances, data privacy, and multi-state licensing. While telehealth is federally recognized, each state maintains its own set of rules governing online prescribing , provider licensing, and telehealth modalities.

FDA

FDA Compliance Licensing Fraud

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

HIPAA Journal

APRIL 25, 2024

The exposed and stolen data included contact information, Social Security numbers, driver’s license numbers, financial information, health insurance information, medical records, medical histories, diagnoses/conditions, and health insurance information. During that time, files containing patient data were exfiltrated from its network.

Fraud

Fraud Health Insurance HIPAA Licensing

Utah Updates Data Breach Notification Requirements

HIPAA Journal

APRIL 24, 2023

The new law applies to persons who own or license computerized data that includes the personal information of Utah residents. If a system security breach is discovered, a prompt investigation should be conducted to determine the likelihood that personal information has been or will be misused for identity theft or fraud.

Fraud

Fraud Licensing HIPAA Governance

Preventing Non-Compliance Consequences in Healthcare

Verisys

MARCH 6, 2025

Department of Health and Human Services (HHS) Enforces regulations like the Health Insurance Portability and Accountability Act (HIPAA) to ensure patient data privacy and security. The Office of Inspector General (OIG) Monitors and enforces compliance with regulations that prevent fraud, waste, and abuse in healthcare programs.

Compliance

Compliance HIPAA Licensing Governance

The Role of AI in Healthcare Compliance

Verisys

MARCH 6, 2025

Health Insurance Portability and Accountability Act (HIPAA) Ensuring patient privacy by constantly monitoring data handling practices. If something looks off, it can alert compliance officers or hospital staff, who can then work to secure data and avoid a HIPAA breach. Summary of the HIPAA Privacy Rule. link] Cosmos.

Compliance

Compliance US Department of Health and Human Services Regulatory Compliance Fraud

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

The exposed information included names, dates of birth, Social Security numbers, driver’s license numbers, clinical/diagnosis information, health insurance member ID numbers, medical record numbers, and Medicare or Medicaid numbers. Valle De Sol said it has not received any reports from patients to suggest any misuse of their data.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

HIPAA Journal

JULY 4, 2024

A limited number of patients had their Social Security numbers, driver’s license numbers, financial account information, and/or credit card information exposed. The post Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services appeared first on The HIPAA Journal. to 5:30 p.m. Central Time.

Medicaid

Medicaid Medicaid Fraud Licensing

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

HIPAA Journal

APRIL 23, 2024

Kisco Senior Living said additional security features have been implemented to prevent similar breaches in the future and the affected individuals have been offered 12 months of complimentary credit monitoring services, which include a $1 million identity fraud loss reimbursement policy.

Ransomware

Ransomware Fraud Licensing HIPAA

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

HIPAA Journal

NOVEMBER 23, 2022

Current and former employees and job applicants have had their names, birth dates, Social Security numbers, driver’s license numbers, and/or state IDs exposed, as well as financial account numbers for a limited number of individuals.

Ransomware

Ransomware Fraud Licensing HIPAA

Nurse Sentenced to 37 Months in Jail for Tampering with and Stealing Medications

HIPAA Journal

DECEMBER 15, 2022

Attorney’s Office charged Mulvey with tampering with a consumer product, acquiring controlled substances by fraud, and criminal violations of the Heath Insurance Portability and Accountability Act (HIPAA). The criminal HIPAA violations and other charges were dropped as part of the agreement.

Nurses

Nurses HIPAA Fraud Licensing

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

HIPAA Journal

DECEMBER 19, 2022

A review of the files on the compromised servers confirmed that protected health information such as patient names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, and diagnosis and treatment information had been exposed. The DOL and the U.S.

Fraud

Fraud Licensing HIPAA Health Insurance

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

HIPAA Journal

JULY 20, 2022

While data theft could not be determined, the affected email accounts contained the protected health information of patients of 19 of its hospitals, including names, birth dates, health insurance information, Social Security numbers, driver’s license, and healthcare data. The lawsuit, filed in the Circuit Court of the City of St.

Fraud

Fraud Licensing HIPAA Health Insurance

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers. As a precaution against identity theft and fraud, complimentary memberships have been offered to a credit monitoring service for 12 months.

Licensing

Licensing Health Insurance Fraud HIPAA

SuperCare Health Sued Over 318,000-Record Data Breach

HIPAA Journal

APRIL 15, 2022

A subset of individuals also had their Social Security numbers and/or driver’s license numbers exposed. The post SuperCare Health Sued Over 318,000-Record Data Breach appeared first on HIPAA Journal.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Fraud

Good Samaritan Hospital Settles Class Action Data Breach Lawsuit

HIPAA Journal

JUNE 28, 2023

Individuals that have suffered identity theft, medical fraud, tax fraud, other forms of fraud, and other actual misuses of their personal information, can submit claims for documented, unreimbursed extraordinary losses that are reasonably traceable to the data breach of up to a maximum of $5,000.

Hospitals

Hospitals Fraud Licensing HIPAA

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance

Health Insurance Licensing Ransomware Fraud

Automating Your OIG LEIE Exclusion Search

Compliancy Group

NOVEMBER 25, 2024

The Office of Inspector General’s (OIG) List of Excluded Individuals and Entities (LEIE) helps prevent fraud, ensure high-quality levels of care, and keep businesses aligned with regulatory measurements.

Compliance

Compliance Fraud Medicaid Medicaid

Umass Memorial Health Proposes $1.2 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

FEBRUARY 14, 2023

The compromised email accounts contained patient names, medical record numbers, driver’s license numbers, financial account information, Social Security numbers, health insurance information, and clinical or treatment information. Million Settlement to Resolve Data Breach Lawsuit appeared first on HIPAA Journal.

Fraud

Fraud Licensing Health Insurance HIPAA

Everything You Need To Know About NPI Numbers

Verisys

NOVEMBER 8, 2023

CMS.gov The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the creation of a standard, unique health identifier for healthcare providers, which the NPI satisfies. While health plans may use other numbers internally, the NPI is mandatory for HIPAA transactions.

Fraud

Fraud HIPAA Medicare Medicare

Class Action Lawsuit Filed Against Cardiovascular Associates Over 441K-Record Data Breach

HIPAA Journal

MARCH 22, 2023

The plaintiff and class members now face an increased risk of identity theft and fraud as their private information is now in the hand of cybercriminals. The post Class Action Lawsuit Filed Against Cardiovascular Associates Over 441K-Record Data Breach appeared first on HIPAA Journal.

HIPAA

HIPAA Fraud Licensing Health Insurance

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered. Gateway Diagnostic Imaging and Radiology Ltd.

Fraud

Fraud Health Insurance Ransomware HIPAA

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

SAC Health said it is unaware of any actual or attempted misuse of patient data as a result of the break-in; however, as a precaution against identity theft and fraud, affected individuals have been offered complimentary credit monitoring services. Notification letters were sent to those individuals on May 3, 2022.

Ransomware

Ransomware Fraud HIPAA Licensing

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

Associates affected by the breach had their Social Security numbers, driver’s license numbers, and financial account information exposed. Claims may be submitted for reimbursement of documented, unreimbursed extraordinary losses due to identity theft and fraud, up to a maximum of $5,000.

Ransomware

Ransomware Fraud Licensing Health Insurance

Verizon unveils new virtual care platform

Healthcare IT News - Telehealth

APRIL 6, 2021

Licensing is based on a per-visit model, according to the company, allowing for easier data capture and reporting for reimbursement. Security features on the HIPAA-ready platform include access controls, encryption, privacy checks, locked meetings and fraud detection. THE LARGER TREND.

Fraud

Fraud Telemedicine Licensing HIPAA

Progressive Therapeutics allays telehealth security concerns with EHR integration

Healthcare IT News - Telehealth

JULY 19, 2021

It has nine licensed mental health professionals on staff, all committed to providing thorough delivery of psychiatric care based on the latest research. Nor was it HIPAA-compliant, a major concern. "This integration meant that the telehealth would be just as HIPAA-compliant as the EHR," Shah explained. THE PROBLEM.

COVID-19

COVID-19 HIPAA Ransomware Governance

Lawsuit Filed Against Conifer & Tenet Healthcare Over Email Account Breach

HIPAA Journal

APRIL 18, 2023

The information in the compromised email account included full names, home addresses, dates of birth, medical and treatment information, health insurance information, and billing and claims information, with some individuals also having their Social Security numbers, financial account information, and driver’s license numbers compromised.

HIPAA

HIPAA Fraud Licensing Health Insurance

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

HIPAA Journal

AUGUST 2, 2023

Notification letters will be sent to the affected individuals in the coming weeks and credit monitoring, fraud consultation, and identity theft restoration services will be offered. The post Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute appeared first on HIPAA Journal.

Licensing

Licensing Electronic Medical Records Ransomware Health Insurance

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

FEBRUARY 16, 2023

The investigation confirmed hackers had access to, and potentially stole, the protected health information of patients such as names, Social Security numbers, driver’s license information, dates of birth, health insurance, medical treatment information, and financial account information.

HIPAA

HIPAA Fraud Licensing Health Insurance

How To Prepare for an OIG Inspection

MedTrainer

JULY 28, 2023

Earlier this year, an in-depth OIG investigation resulted in a six-day trial of a former Louisiana health clinic CEO , who was ultimately convicted of Medicaid fraud and sentenced to 82 months in federal prison. But what exactly is considered fraud, waste, and abuse? These complaints can trigger an audit. Data Analysis and Trends.

Fraud

Fraud Compliance Medicaid Medicaid

Home Care Providers of Texas Announces 124K-Record Data Breach

HIPAA Journal

JANUARY 17, 2023

Affected individuals have been advised to be vigilant against incidents of identity theft and fraud by reviewing their account statements and explanation of benefit forms. The post Home Care Providers of Texas Announces 124K-Record Data Breach appeared first on HIPAA Journal. million total.

Ransomware

Ransomware Fraud HIPAA Licensing

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

HIPAA Journal

APRIL 1, 2022

While Ciox’s investigation did not find any instances of fraud or identity theft as a result of this incident, out of an abundance of caution, beginning today, Ciox is notifying affected Catholic Health patients,” said Catholic Health, in a March 30, 2022 post on its website.

Fraud

Fraud HIPAA Licensing Health Insurance

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

HIPAA Journal

NOVEMBER 12, 2024

Orthopedics Rhode Island said it is unaware of any misuse of that information but has advised all affected individuals to be vigilant against identity theft and fraud. The post Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice appeared first on The HIPAA Journal.

Health Insurance

Health Insurance Fraud Licensing HIPAA

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered.

Fraud

Fraud Health Insurance Ransomware HIPAA

Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals

HIPAA Journal

MAY 22, 2024

The affected individuals have been advised to remain vigilant against incidents of identity theft and fraud by reviewing their account statements, explanation of benefits, and free credit reports. The post Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals appeared first on HIPAA Journal.

Fraud

Fraud Licensing HIPAA Health Insurance

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

Webinars

Trending Sources

When HIPAA Becomes Criminal

Webinars

Laboratory Services Cooperative Breach Impacts 1.6 Million People

Is Stripe HIPAA Compliant?

Retina Group of Washington Agrees to $3.6 Million Settlement to Resolve Data Breach Lawsuit

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

Utah Updates Data Breach Notification Requirements

Preventing Non-Compliance Consequences in Healthcare

The Role of AI in Healthcare Compliance

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks

877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider

Nurse Sentenced to 37 Months in Jail for Tampering with and Stealing Medications

Avem Health Partners and Emory Healthcare Notify Patients About Data Breaches

BJC Healthcare Settles Data Breach Lawsuit Stemming from 2020 Phishing Attack

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

SuperCare Health Sued Over 318,000-Record Data Breach

Good Samaritan Hospital Settles Class Action Data Breach Lawsuit

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Automating Your OIG LEIE Exclusion Search

Umass Memorial Health Proposes $1.2 Million Settlement to Resolve Data Breach Lawsuit

Everything You Need To Know About NPI Numbers

Class Action Lawsuit Filed Against Cardiovascular Associates Over 441K-Record Data Breach

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Electromed Proposes $825,000 Class Action Data Breach Settlement

Verizon unveils new virtual care platform

Progressive Therapeutics allays telehealth security concerns with EHR integration

Lawsuit Filed Against Conifer & Tenet Healthcare Over Email Account Breach

Up to 170,450 Patients Affected by Cyberattack on the Chattanooga Heart Institute

Advent Health Partners Proposes $500,000 Settlement to Resolve Class Action Data Breach Lawsuit

How To Prepare for an OIG Inspection

Home Care Providers of Texas Announces 124K-Record Data Breach

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

Superior Air-Ground Ambulance Service Data Breach Affects 858K Individuals

Stay Connected