HIPAA, Information and Licensing - Health Care Compliance Brief

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Compliancy Group

DECEMBER 9, 2024

Details of the ransomware attack that exposed PHI, and that may have resulted in unauthorized parties obtaining protected health information, are provided below. The demographic information, including the names, social security numbers, addresses, driver license numbers, and birthdates, may also constitute ePHI.

Ransomware

Ransomware Licensing HIPAA Compliance

Atrium Health responds to new social engineering attack

Healthcare It News

SEPTEMBER 17, 2024

The health system said that the activity of the unauthorized third party was not focused on medical or health information content in the employee email boxes. Information that may have been accessed in the social engineering attack includes: First and/or last name. Driver’s license or state-issued identification number.

Electronic Medical Records

Electronic Medical Records Health Insurance Payment Systems Licensing

Colorado Eye Clinic Investigating Suspected Ransomware Attack

HIPAA Journal

MARCH 25, 2025

Columbia Eye Clinic, South Carolina Columbia Eye Clinic, a medical and surgical ophthalmology practice with four locations in Columbia and Lexington in South Carolina, announced a data security incident on March 14, 2025, involving the exposure of patients’ protected health information.

Ransomware

Ransomware Licensing Electronic Medical Records Health Insurance

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

Protected Health Information Stolen in HealthEquity SharePoint Breach

HIPAA Journal

JULY 5, 2024

HealthEquity has confirmed a breach of its SharePoint data, which included protected health information. HealthEquity HealthEquity, a Draper, UT-based financial technology and business services company, has suffered a cyberattack that has exposed protected health information.

Licensing

Licensing HIPAA Health Insurance

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

HIPAA Journal

APRIL 1, 2025

Department of Health and Human Services Office for Civil Rights about a data breach that involved unauthorized access to the protected health information of up to 173,430 individuals. The post 173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach appeared first on The HIPAA Journal.

Licensing

Licensing HIPAA Health Insurance

When HIPAA Becomes Criminal

Healthcare IT Today

DECEMBER 20, 2022

Former Hospital Employees Accused of Selling Patient Information. Five former employees of Methodist Hospital in Memphis, TN, including a recently-licensed Registered Nurse, were indicted by a federal grand jury for allegedly selling medical information about car accident victims to personal injury attorneys and chiropractors.

HIPAA

HIPAA Nurses Licensing Compliance

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Total HIPAA

MAY 23, 2022

What is Protected Health Information (PHI)? The Health Insurance Portability and Accountability Act ( HIPAA ) is a 1996 federal law that regulates privacy standards in the healthcare sector. Since 1996, Congress has passed additional laws to adapt HIPAA in accordance with new technological advancements. Social security number.

HIPAA

HIPAA Due Diligence Health Insurance Compliance

Beacon Health System Affected by Two Business Associate Email Breaches

HIPAA Journal

MARCH 28, 2025

The account was reviewed, and on January 24, 2025, it was confirmed that emails in the account contained the protected health information of patients of Beacon Health Systems Three Rivers Health Hospital in Michigan. The post Beacon Health System Affected by Two Business Associate Email Breaches appeared first on The HIPAA Journal.

Licensing

Licensing Health Insurance HIPAA Medicaid

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

Healthcare It News

MAY 12, 2023

"We're not only capitalizing on the capabilities of GPT, we're doing so in a highly secure, HIPAA-compliant manner through Microsoft Azure," he added. "Dave provides smart, personalized and accessible information instantaneously, which can greatly improve the quality of care and life for millions of patients worldwide."

HIPAA

HIPAA Medical Billing FDA Licensing

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

HIPAA Journal

JULY 11, 2022

Phoenixville Hospital Fires Employee for HIPAA Violation. When the privacy violation was discovered, the employee was immediately suspended pending an internal investigation and was later fired for the HIPAA breach. Some of the accessed records included partial Social Security numbers and health insurance information.

Hospitals

Hospitals HIPAA Health Insurance Licensing

Tips for HIPAA and OSHA Training for Dental Offices

Compliancy Group

FEBRUARY 23, 2022

Keeping your dental office compliant with HIPAA and OSHA regulations is one more thing to juggle. HIPAA and OSHA training for dental offices is an essential part of compliance. Be able to prove the HIPAA and OSHA training was done. Know the most common HIPAA and OSHA citations and violations. These include: HIPAA.

HIPAA

HIPAA Compliance Licensing

How health systems can better protect patient privacy

Healthcare It News

SEPTEMBER 21, 2023

Eric Liederman, director of medical informatics for the Kaiser Permanente Medical Group, says good communications with patients about cybersecurity protection is essential – even as risks to protected health information are on the rise, from external bad actors and insider threats. "What's going on?

Governance

Governance HIPAA Ransomware Licensing

The Balance Between Promoting Data Sharing and Ensuring the Privacy and Security of Sensitive Health Information

Healthcare IT Today

OCTOBER 8, 2024

Most of the data that we are looking to share is highly sensitive health information, the kind of information that cybercriminals love to hold for ransom. We believe that the best way to protect that information is to not store it. So not only is it highly sensitive, it is also highly sought-after.

US Department of Health and Human Services

US Department of Health and Human Services HIPAA Regulatory Compliance Public Health

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information.

Department of Veterans Affairs

Department of Veterans Affairs Licensing Ransomware Fraud

What are the Penalties for HIPAA Violations?

HIPAA Journal

DECEMBER 24, 2022

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. In addition to financial penalties, covered entities are required to adopt a corrective action plan to bring policies and procedures up to the standards demanded by HIPAA. .

HIPAA

HIPAA Compliance Hospitals COVID-19

What is a Limited Data Set Under HIPAA?

HIPAA Journal

JANUARY 1, 2023

A limited data set under HIPAA is a set of identifiable healthcare information that the HIPAA Privacy Rule permits covered entities to share with certain entities for research purposes, public health activities, and healthcare operations without obtaining prior authorization from patients, if certain conditions are met.

HIPAA

HIPAA Licensing Public Health Compliance

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

HIPAA Journal

MARCH 25, 2025

Numotion said it has no reason to believe that the accounts were accessed to obtain personal information, and no evidence has been found to indicate any information in the accounts has been stolen and misused. That email breach involved the protected health information of 2,319 individuals.

Ransomware

Ransomware HIPAA Licensing Health Insurance

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

Unauthorized individuals have gained access to the email system of the Administrative Fund of the Detectives’ Endowment Association of the Police Department of the City of New York (NYCDEA) and potentially viewed or obtained the protected health information of 21,544 individuals.

HIPAA

HIPAA Licensing Health Insurance Fraud

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

HIPAA Journal

MAY 2, 2022

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. Valley View Hospital did not state in its substitute breach notice what types of information had been compromised.

HIPAA

HIPAA Health Insurance Licensing Hospitals

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement

HIPAA Journal

APRIL 1, 2025

On October 9, 2023, Azura Vascular Care identified suspicious network activity, with the forensic investigation confirming that hackers had access to its network between September 27, 2023, and October 9, 2023, during which time they potentially stole the protected health information of patients. The post Azura Vascular Care Agrees to $3.15

Licensing

Licensing HIPAA Compliance

Is Stripe HIPAA Compliant?

HIPAA Journal

JANUARY 10, 2024

Stripe is not HIPAA compliant and – other than its payment processing services – should not be used by covered entities and business associates to create, collect, store, or transmit Protected Health Information (PHI). Is Stripe HIPAA Compliant? Stripe complies with multiple US and International data privacy regulations (i.e.,

HIPAA

HIPAA US Department of Health and Human Services Fraud Telemedicine

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules. Are Data Breaches HIPAA Violations?

HIPAA

HIPAA Compliance Hospitals Medicare

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

HIPAA Journal

DECEMBER 30, 2022

Avalon Healthcare has agreed to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws with the Oregon and Utah Attorneys General that were uncovered during an investigation of a 2019 breach of the personal and protected health information of 14,500 of its employees and patients.

HIPAA

HIPAA Compliance Compliance Officers Licensing

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Bill of Health

JUNE 5, 2023

medical licensing exam , diagnose illnesses , and even outshine human doctors on measures of perceived empathy , raising many questions about how AI will reshape health care as we know it. In the field of medicine, ChatGPT already has been reported to ace the U.S. But what happens when AI gets things wrong?

Malpractice

Malpractice FDA HIPAA Doctors

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. Clinical information that could have been accessed included diagnoses, lab results, medications, and procedures. Kye and Keith are entitled to request a hearing.

HIPAA

HIPAA Ransomware Licensing Health Insurance

Is Microsoft Teams HIPAA Compliant?

HIPAA Journal

JUNE 5, 2023

If your HIPAA-covered organization is planning to use Microsoft Teams to collect, store, share, or transmit electronic PHI, it is important to know how to make Microsoft Teams HIPAA compliant. How to Make Microsoft Teams HIPAA Compliant No software is HIPAA compliant.

HIPAA

HIPAA Due Diligence Compliance Licensing

Laboratory Services Cooperative Breach Impacts 1.6 Million People

HIPAA Journal

APRIL 11, 2025

million people that some of their personal and health information has been exposed or stolen in a recent hacking incident. Health insurance information such as plan names, plan types, insurance companies, and member/group ID numbers. Million People appeared first on The HIPAA Journal.

Ransomware

Ransomware Fraud HIPAA Licensing

SimonMed Imaging Confirms January 2025 Cyberattack

HIPAA Journal

APRIL 2, 2025

The post SimonMed Imaging Confirms January 2025 Cyberattack appeared first on The HIPAA Journal. At least one class action lawsuit has already been filed against SimonMed over the incident.At present, no data breach is displayed on the HHS Office for Civil Rights breach portal, so it is unclear how many individuals have been affected.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

Hillcrest Convalescent Center Announces 106K-Record Data Breach

HIPAA Journal

MARCH 11, 2025

The data review was completed on February 13, 2025, and confirmed that names, dates of birth, Social Security numbers, medical information, treatment information, healthcare provider information, and health insurance information had been exposed.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Using a Virtual Private Network (VPN) vs. SSL/TLS in a HIPAA Environment

Total HIPAA

JULY 12, 2022

Also, without a properly configured website with SSL/TLS certificates, any information you access on a website that is not encrypted is easily intercepted in transit. Many internet service providers offer SSL/TLS licenses for free or for less than $100/year. Depending on a third party to protect your information.

HIPAA

HIPAA Compliance Licensing COVID-19

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

HIPAA Journal

MARCH 18, 2022

the former operator of Eastern Ozarks Regional Health System in Cherokee Village, and owners Robert Becht of Hartsville, TN, and Theresa Hanson of Deland, FL, for mishandling the sensitive personal and protected information of thousands of individuals. I am holding the hospital and its owners accountable.”.

Licensing

Licensing HIPAA Hospitals Health Insurance

Security and Privacy Hurdles Plaguing AI-Driven Health Services

Healthcare IT Today

OCTOBER 25, 2023

Sriram Rajagopalan , Enterprise Agile Evangelist at Inflectra Today’s most significant risk regarding security and privacy issues in health services is consumers’ need for more awareness of personal health information. Technology is growing faster than we can catch up, and we are giving away our personal information too soon.

HIPAA

HIPAA Licensing Doctors Nurses

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Healthcare IT Today

MARCH 26, 2025

As the sector adapts, telehealth providers must navigate new compliance challenges, particularly regarding controlled substances, data privacy, and multi-state licensing. While telehealth is federally recognized, each state maintains its own set of rules governing online prescribing , provider licensing, and telehealth modalities.

FDA

FDA Compliance Licensing Fraud

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

HIPAA Journal

FEBRUARY 23, 2022

Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file server that housed patient information in “a highly sophisticated criminal attack.”. The types of information in the compromised files varied from patient to patient.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Medical Billing

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

HIPAA Journal

MAY 24, 2022

PHC has now confirmed in a breach notification to the Maine Attorney General that the protected health information of 854,913 current and former health plan members has potentially been stolen, making this one of the largest healthcare data breaches to be reported so far this year.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Amazon Clinic may delay its nationwide telehealth launch

Healthcare IT News - Telehealth

JUNE 27, 2023

They said customers who decline HIPAA consent on the website are prevented from completing their patient registration with Amazon Clinic and are redirected to a third-party provider information page.

HIPAA

HIPAA Telemedicine Licensing

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. The attackers compromised FCHC’s old dental system which contained the PHI of patients who had received dental services prior to August 31, 2020.

Ransomware

Ransomware Hospitals Licensing HIPAA

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

A round-up of 6 cyberattacks that have recently been reported by healthcare providers and business associates that resulted in the exposure and possible theft of patients’ protected health information. The files exfiltrated from its systems included the protected health information of patients. Duncan Regional Hospital.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims

HIPAA Journal

JULY 8, 2024

Pennsylvania has updated its data breach notification law, narrowing the definition of personal information, adding the requirement to notify the state Attorney General, and requiring credit monitoring services to be provided to data breach victims in certain circumstances. The amended law takes effect on September 26, 2024.

Licensing

Licensing HIPAA Health Insurance Compliance

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

HIPAA Journal

MARCH 23, 2022

a Pittsburgh, PA-based non-profit healthcare company and Integrated Delivery Network has recently announced that some HIPAA-protected data has been exposed in a data breach at the printing and mailing vendor, Quantum Group, which was used by its vendor, Webb Mason, which provides marketing services to Highmark. Highmark Inc.,

HIPAA

HIPAA Licensing Health Insurance Governance

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Atrium Health responds to new social engineering attack

Webinars

Trending Sources

Colorado Eye Clinic Investigating Suspected Ransomware Attack

Webinars

Protected Health Information Stolen in HealthEquity SharePoint Breach

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

When HIPAA Becomes Criminal

Protected Health Information (PHI): Everything You Need to Know about HIPAA and PHI

Beacon Health System Affected by Two Business Associate Email Breaches

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

Patient Information Compromised at Phoenixville Hospital, Family Practice Center, and Southwest Health Center

Tips for HIPAA and OSHA Training for Dental Offices

How health systems can better protect patient privacy

The Balance Between Promoting Data Sharing and Ensuring the Privacy and Security of Sensitive Health Information

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

What are the Penalties for HIPAA Violations?

What is a Limited Data Set Under HIPAA?

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

6 HIPAA-Regulated Entities Report Email Account Breaches and the Exposure of PHI

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement

Is Stripe HIPAA Compliant?

The Most Common HIPAA Violations You Should Avoid

Avalon Healthcare Settles HIPAA Case with Oregon and Utah State AGs and Pays $200,000 Penalty

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

Is Microsoft Teams HIPAA Compliant?

Laboratory Services Cooperative Breach Impacts 1.6 Million People

SimonMed Imaging Confirms January 2025 Cyberattack

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

Hillcrest Convalescent Center Announces 106K-Record Data Breach

Using a Virtual Private Network (VPN) vs. SSL/TLS in a HIPAA Environment

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

Security and Privacy Hurdles Plaguing AI-Driven Health Services

Regulating the DTC Telehealth Boom: How Policies Are Shaping the Future of Prescription Fulfillment

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

Over 850,000 Individuals Affected by Partnership HealthPlan of California Cyberattack

Amazon Clinic may delay its nationwide telehealth launch

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Pennsylvania’s Updated Breach Notification Law Requires Credit Monitoring Services for Breach Victims

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

Stay Connected