Health Insurance, Information and Licensing - Health Care Compliance Brief

Health Care, AI, and the Law: An Emerging Regulatory Landscape in California

Bill of Health

OCTOBER 17, 2024

AB 3030 requires that health care providers disclose when they have used generative AI to create communications with patients. SB 1223 amended the California Consumer Privacy Act of 2018 to include neural data as sensitive personal information, whose collection and use companies can be directed to limit.

Medicare

Medicare Medicare Health Insurance Licensing

Ghost Networks and Mental Healthcare

Bill of Health

NOVEMBER 17, 2024

by Rebekah Ninan A recent lawsuit in the Southern District of New York has alleged that the health insurance company Anthem Blue and Cross Blue Shield violated state laws and committed fraud by maintaining “ghost networks” of mental health providers. A second license could cost a provider hundreds if not thousands of dollars.

Licensing

Licensing COVID-19 Fraud Health Care Access

Atrium Health responds to new social engineering attack

Healthcare It News

SEPTEMBER 17, 2024

The health system said that the activity of the unauthorized third party was not focused on medical or health information content in the employee email boxes. Information that may have been accessed in the social engineering attack includes: First and/or last name. Bank or financial account numbers or information.

Electronic Medical Records

Electronic Medical Records Health Insurance Payment Systems Licensing

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Compliancy Group

DECEMBER 9, 2024

Details of the ransomware attack that exposed PHI, and that may have resulted in unauthorized parties obtaining protected health information, are provided below. The demographic information, including the names, social security numbers, addresses, driver license numbers, and birthdates, may also constitute ePHI.

Ransomware

Ransomware Licensing HIPAA Compliance

Colorado Eye Clinic Investigating Suspected Ransomware Attack

HIPAA Journal

MARCH 25, 2025

Columbia Eye Clinic, South Carolina Columbia Eye Clinic, a medical and surgical ophthalmology practice with four locations in Columbia and Lexington in South Carolina, announced a data security incident on March 14, 2025, involving the exposure of patients’ protected health information.

Ransomware

Ransomware Licensing Electronic Medical Records Health Insurance

Protected Health Information Stolen in HealthEquity SharePoint Breach

HIPAA Journal

JULY 5, 2024

HealthEquity has confirmed a breach of its SharePoint data, which included protected health information. Data breaches have also been reported by Kairos Health Arizona and Ambulnz. The extent of the breach and the types of information involved has bot yet been publicly disclosed.

Licensing

Licensing HIPAA Health Insurance

Beacon Health System Affected by Two Business Associate Email Breaches

HIPAA Journal

MARCH 28, 2025

The account was reviewed, and on January 24, 2025, it was confirmed that emails in the account contained the protected health information of patients of Beacon Health Systems Three Rivers Health Hospital in Michigan. Notification letters were mailed to the affected individuals on February 10, 2025.

Licensing

Licensing Health Insurance HIPAA Medicaid

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

HIPAA Journal

APRIL 1, 2025

Department of Health and Human Services Office for Civil Rights about a data breach that involved unauthorized access to the protected health information of up to 173,430 individuals. CDHA Management, LLC and Spark DSO, LLC, which do business as Chord Specialty Dental Partners, have recently notified the U.S.

Licensing

Licensing HIPAA Health Insurance

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

The employee viewed names, addresses, dates of birth, appointment dates, diagnoses, vital sign information, medications, test results, and physicians’ notes. Some of the accessed records included partial Social Security numbers and health insurance information. Family Practice Center Reports October 2021 Hacking Incident.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems.

Fraud

Fraud Health Insurance Ransomware HIPAA

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information.

Department of Veterans Affairs

Department of Veterans Affairs Licensing Ransomware Fraud

Reforming Health Insurance

Healthcare IT Today

JUNE 3, 2024

Nobody really knows or cares what health care costs, because they aren’t paying. He further asserts that on average, only 53% of your health insurance premiums get returned to you as benefits. However, the ACA states “…an insurance company must assign 80% of their premiums to activities that develop the healthcare sector.”

Health Insurance

Health Insurance ACA Doctors Fraud

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

HIPAA Journal

MARCH 25, 2025

Numotion said it has no reason to believe that the accounts were accessed to obtain personal information, and no evidence has been found to indicate any information in the accounts has been stolen and misused. That email breach involved the protected health information of 2,319 individuals.

Ransomware

Ransomware HIPAA Licensing Health Insurance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

A round-up of 6 cyberattacks that have recently been reported by healthcare providers and business associates that resulted in the exposure and possible theft of patients’ protected health information. The files exfiltrated from its systems included the protected health information of patients.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems.

Fraud

Fraud Health Insurance Ransomware HIPAA

Laboratory Services Cooperative Breach Impacts 1.6 Million People

HIPAA Journal

APRIL 11, 2025

million people that some of their personal and health information has been exposed or stolen in a recent hacking incident. Health insurance information such as plan names, plan types, insurance companies, and member/group ID numbers.

Ransomware

Ransomware Fraud HIPAA Licensing

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

Phoenix, AZ-based Valle del Sol Community Health has notified 70,268 patients that some of their protected health information has been exposed. Valle de Sol said the investigation indicated unauthorized individuals had access to files containing sensitive patient data and that patient information may have been acquired.

Health Insurance

Health Insurance Licensing Fraud HIPAA

Featured Health IT Jobs – Information Services Support Specialist

Healthcare IT Today

AUGUST 23, 2023

Today, we’re featuring the Information Services Support Specialist position that was recently posted on Healthcare IT Central. As a key member of our Information Services department, you’ll be responsible for addressing technical issues, providing hands-on troubleshooting, and maintaining optimal system performance.

Telemedicine

Telemedicine Licensing Health Insurance

SimonMed Imaging Confirms January 2025 Cyberattack

HIPAA Journal

APRIL 2, 2025

SimonMed said several steps have been taken to improve security as a result of the incident, including enhancing multifactor authentication, resetting passwords, implementing endpoint detection and response monitoring, and removing all third-party vendor direct access to systems within SimonMeds environment and all associated tools.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Total HIPAA

MAY 23, 2022

What is Protected Health Information (PHI)? The Health Insurance Portability and Accountability Act ( HIPAA ) is a 1996 federal law that regulates privacy standards in the healthcare sector. Today, the law serves the same purpose: to safeguard Protected Health Information in order to keep individuals safe.

HIPAA

HIPAA Due Diligence Health Insurance Compliance

EU and US Regulatory Challenges Facing AI Health Care Innovator Firms

Bill of Health

APRIL 4, 2024

The main federal health privacy law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) applies only to “covered entities” like health insurers, claims- processing clearinghouses, and health care providers and their business associates, and only to a subset of protected health care information.

FDA

FDA Malpractice Regulatory Compliance Health Insurance

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

HIPAA Journal

JULY 5, 2022

University Pediatric Dentistry in Buffalo, NY, has started notifying 6,843 patients that some of their protected health information has been exposed in an email security incident. A limited number of patients also had financial account information exposed.

Licensing

Licensing Electronic Medical Records Health Insurance Hospitals

Hillcrest Convalescent Center Announces 106K-Record Data Breach

HIPAA Journal

MARCH 11, 2025

The data review was completed on February 13, 2025, and confirmed that names, dates of birth, Social Security numbers, medical information, treatment information, healthcare provider information, and health insurance information had been exposed.

Ransomware

Ransomware HIPAA Licensing Health Insurance

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

HIPAA Journal

FEBRUARY 16, 2022

The investigation confirmed its electronic medical record system and other clinical systems were not compromised in the attack; however, on January 13, 2022, Philadelphia FIGHT discovered the attacker had accessed non-clinical systems that housed files containing the protected health information of around 15,000 patients.

Electronic Medical Records

Electronic Medical Records Health Insurance Licensing HIPAA

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance

Health Insurance Licensing Ransomware Fraud

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

HIPAA Journal

MARCH 14, 2022

Capital Region Medical Center (CRMC) in Jefferson City, MO has recently confirmed patient information was accessed by unauthorized individuals in a December 2021 cyberattack that took its network and phone systems offline for several days. It was initially unclear if patient information had been compromised but that has now been confirmed.

Electronic Medical Records

Electronic Medical Records Health Insurance HIPAA Licensing

Trust My Doctor and Fear the Office: The Telehealth Opportunity in and Beyond the COVID-19 Pandemic

Health Populi

MAY 21, 2020

patients’ most-trusted source of coronavirus information. Nearly every respondent in the study reported having health insurance coverage. Among those covered with insurance, one-half had employer-sponsored insurance, 1 in 4 Medicare, and 13%, individual cover. Doctors maintain their top status as U.S.

COVID-19

COVID-19 Doctors Health Insurance Medicare

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Bill of Health

JUNE 5, 2023

medical licensing exam , diagnose illnesses , and even outshine human doctors on measures of perceived empathy , raising many questions about how AI will reshape health care as we know it. Therefore, the use of ChatGPT by health care providers has additional liability risks in clinical settings.

Malpractice

Malpractice FDA HIPAA Doctors

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

HIPAA Journal

APRIL 25, 2024

Several class action lawsuits have been filed against City of Hope National Medical Center, a National Cancer Institute (NCI)-designated cancer treatment and research center, over a recently disclosed data breach that exposed the protected health information of more than 827,000 individuals.

Fraud

Fraud Health Insurance HIPAA Licensing

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

HIPAA Journal

FEBRUARY 23, 2022

Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file server that housed patient information in “a highly sophisticated criminal attack.”. The types of information in the compromised files varied from patient to patient.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Medical Billing

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

HIPAA Journal

MAY 24, 2022

PHC has now confirmed in a breach notification to the Maine Attorney General that the protected health information of 854,913 current and former health plan members has potentially been stolen, making this one of the largest healthcare data breaches to be reported so far this year.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

Birmingham, AL-based Henderson & Walton Women’s Center (HWWC) has recently notified 34,306 patients that some of their protected health information may have been compromised as a result of a hacker gaining access to the email account of one of its employees. The information exposed varied from patient to patient.

Licensing

Licensing Health Insurance Fraud HIPAA

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

Unauthorized individuals have gained access to the email system of the Administrative Fund of the Detectives’ Endowment Association of the Police Department of the City of New York (NYCDEA) and potentially viewed or obtained the protected health information of 21,544 individuals.

HIPAA

HIPAA Licensing Health Insurance Fraud

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

HIPAA Journal

MARCH 29, 2023

A third-party computer forensics firm was engaged to assist with the investigation and determined that there was unauthorized access to files containing patient information from January 20, 2023. OU Health – Stolen Laptop Computer OU Medicine Inc. Notification letters were mailed to the affected individuals on March 24, 2023.

Hospitals

Hospitals Ransomware Licensing Health Insurance

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

HIPAA Journal

JULY 14, 2022

The affected email accounts included names, Social Security numbers, driver’s licenses, financial account information, usernames and passwords, passport numbers, biometric data, medical information, health insurance information, electronic/digital signatures, and employer-assigned identification numbers.

Licensing

Licensing Health Insurance Ransomware HIPAA

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

HIPAA Journal

SEPTEMBER 8, 2023

Just Kids Dental Suffers Ransomware Attack Acadia Health, LLC, doing business as Just Kids Dental, has started notifying 129,623 patients that some of their protected health information was stolen in an August 2, 2023, ransomware attack. The types of information involved varied from individual to individual.

Licensing

Licensing Ransomware Health Insurance HIPAA

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Healthcare IT Today

MARCH 26, 2025

As the sector adapts, telehealth providers must navigate new compliance challenges, particularly regarding controlled substances, data privacy, and multi-state licensing. While telehealth is federally recognized, each state maintains its own set of rules governing online prescribing , provider licensing, and telehealth modalities.

FDA

FDA Compliance Licensing Fraud

Healthcare Data Potentially Compromised in 5 Hacking Incidents

HIPAA Journal

MAY 2, 2023

NYSARC Columbia County Chapter Notifies Individuals About July 2022 Ransomware Attack NYSARC Columbia County Chapter (COARC) has started notifying certain individuals that some of their protected health information has potentially been obtained by unauthorized individuals in a July 2022 ransomware attack.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

HIPAA Journal

MARCH 18, 2022

the former operator of Eastern Ozarks Regional Health System in Cherokee Village, and owners Robert Becht of Hartsville, TN, and Theresa Hanson of Deland, FL, for mishandling the sensitive personal and protected information of thousands of individuals. I am holding the hospital and its owners accountable.”.

Licensing

Licensing HIPAA Hospitals Health Insurance

Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims

HIPAA Journal

JULY 8, 2024

Pennsylvania has updated its data breach notification law, narrowing the definition of personal information, adding the requirement to notify the state Attorney General, and requiring credit monitoring services to be provided to data breach victims in certain circumstances. The amended law takes effect on September 26, 2024.

Licensing

Licensing HIPAA Health Insurance Compliance

DOJ charges four in $37M global telehealth fraud scheme

Healthcare IT News - Telehealth

DECEMBER 17, 2021

Department of Justice announced this past Friday that it had charged four people, one of whom is a licensed physician, in an international telehealth fraud and kickback scheme. The agency said that patient information had been provided by marketing companies. WHY IT MATTERS. THE LARGER TREND.

Fraud

Fraud Telemedicine Nurses Licensing

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

HIPAA Journal

MARCH 4, 2022

A round-up of data breaches that have recently been reported by healthcare organizations that have involved the exposure or theft of individuals’ personal and protected health information. Catholic Health Services Reports Breach of Employee Email Accounts.

Health Insurance

Health Insurance HIPAA Licensing

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

HIPAA Journal

SEPTEMBER 30, 2022

Consent was then obtained to send notification letters on behalf of the affected healthcare provider clients, and work commenced on obtaining up-to-date contact information for the affected individuals. Those files were potentially accessed and may have been copied from its systems.

Licensing

Licensing HIPAA Health Insurance

Round Up of Recent Hacking Incidents and Email Account Breaches

HIPAA Journal

JANUARY 13, 2023

The affected system contained billing information that was potentially accessed and obtained in the attack. A review of the email account confirmed the following types of information had been exposed: names, dates of birth, diagnoses, treatment information, and provider information.

Health Insurance

Health Insurance Licensing HIPAA Hospitals

Health Care, AI, and the Law: An Emerging Regulatory Landscape in California

Ghost Networks and Mental Healthcare

Webinars

Trending Sources

Atrium Health responds to new social engineering attack

Webinars

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Colorado Eye Clinic Investigating Suspected Ransomware Attack

Protected Health Information Stolen in HealthEquity SharePoint Breach

Beacon Health System Affected by Two Business Associate Email Breaches

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

Reforming Health Insurance

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

Laboratory Services Cooperative Breach Impacts 1.6 Million People

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

Featured Health IT Jobs – Information Services Support Specialist

SimonMed Imaging Confirms January 2025 Cyberattack

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

EU and US Regulatory Challenges Facing AI Health Care Innovator Firms

Data Breaches Reported by University Pediatric Dentistry, OrthoNebraska, Michigan Avenue Immediate Care

Hillcrest Convalescent Center Announces 106K-Record Data Breach

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

Trust My Doctor and Fear the Office: The Telehealth Opportunity in and Beyond the COVID-19 Pandemic

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Healthcare Data Potentially Compromised in 5 Hacking Incidents

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims

DOJ charges four in $37M global telehealth fraud scheme

Healthcare Organizations Report Email Compromises, Hacking Incidents and Other ePHI Exposures

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

Round Up of Recent Hacking Incidents and Email Account Breaches

Stay Connected