Enterprise IT security news and advice

Kern County Mental Health Division Publicizes Secrecy Break

Kern County Mental Health Division, CA. (KCMH) has informed a break of safeguarded health information that happened during the transfer of its administrative division in April 2016. The break included the revelation of a partial amount of safeguarded health information of sick persons who had earlier received treatment from KCMH during September 1, to September 30, 2006. When the administrative department moved, the previous offices...

Read More

Up to 400K Prisoners’ SSNs and PHI Revealed

Up to 400K existing and earlier inmates imprisoned by the California Department of Rehabilitation and Corrections during 1996 to 2014 have possibly had their medical data, Social Security numbers, and personally identifiable information displayed. Last month California Correctional Healthcare Services (CCHCS) reported the data break and an alternate break notice was displayed on the website of CCHCS on May 13; nevertheless, at the...

Read More

Verity Health System Prey of Phishing Assault

Verity Health System has become prey to a phishing assault leading to confidential worker data being transmitted out of the company. Employee names, Social Security numbers, addresses, money earned in the fiscal year, as well as particulars of tax pending have been revealed to the invader. The break only impacted present and past workers who would have gotten a W-2 for the past fiscal year. No patient information was encroached in the...

Read More

40,000 Podiatry Patients Notified of PHI Revelation

Earlier this year, Stamford Podiatry Group P.C., has found out that an illegal third party accessed to its computer systems for a period of nearly 2 months. The intruder was capable to see company data and possibly accessed the electronic medicinal record (EMR) database also. 40,491 patients have now been informed of the secrecy break and possible theft/accessing of their safeguarded health info. EMR files potentially copied/accessed...

Read More

Tucson Emergency Chamber Patients’ PHI Thieved from Doctor’s Automobile

Roughly 1K patients in Southern Arizona have received notices of a break of safeguarded health information after the thievery of a doctor’s record. The record had been dumped in the automobile of a doctor who performed for Emergency Medicine Associates, which delivered ER staff for Carondelet Health Network hospices in Tucson. A burglar broke into the doctor’s automobile on or around March 25, 2016, and took away the logbook. The...

Read More

HHS Publicizes Release of the Ultimate Data Safety Policy Rules Framework

Sylvia Matthews Burwell, HHS Secretary has publicized the release of the ultimate Data Safety Policy Rules Framework for the Precision Medicine Initiative (PMI) which was introduced by President Obama in the early part of 2015. The Security Principles Framework was upgraded to assist healthcare companies that take part in the PMI know the safety measures that should be implemented to safeguard sensitive environmental, health, and...

Read More

Medical Colleagues of Texas Hacking Case Affects 68,000 Patients

Medical Colleagues of Texas, a doctors’ alliance in Katy, TX. has found out an illegal person gotten entry to its system having the files of over 68,000 patients. The precise description of the case hasn’t been revealed and an inquiry into the safety break is continuing. The doctors’ alliance was ignorant how access was gotten to its methods at the time of sending the break notification; nevertheless, the inquiry into the break has...

Read More

95000 More Patients Revealed to Have Been Affected by Bizmatics Data Break

The OCR has gotten two more break reports from healthcare suppliers affected by the Bizmatics data break. Nearly 95K patients of the 2 healthcare services have possibly had their files accessed by cyberpunks. Southeast Eye Institute P.A, carrying out business as Eye Associates of Pinellas, has informed 87,314 patients of the break, whereas Lafayette Pain Care, PC. has possibly had the files of 7,500 people searched by cyberpunks. Eye...

Read More

Illinois Data Break Notice Law Renewed

Illinois data break notice rule has been updated, widening the meaning of private information and modifying the timescale for alerting the Attorney General of data breaks. A break notice will have to be released if an individual’s complete name or last name, as well as signature, is revealed in association with any of the below-mentioned data elements:   Health insurance information Medical information Email addresses and...

Read More

4K Michigan Chiropractic Patients Informed of Possible Data Break

4,082 sick persons of Complete Chiropractic & Bodywork Therapies (CCBT) have been informed of a possible break of safeguarded health information following malware was found in one of the firm’s servers. The malware was found on 19th March, 2016, when the server failed. The failing of the server triggered CCBT’s safety procedures which incorporated stopping Internet access, separating the server, as well as altering all...

Read More

2,100 Old-timers Had Their PHI Revealed in April

Every month the Division of Veteran Matters issues a statement to Congress on the info safety cases experienced by Veteran Affairs (VA) services during the month. Protected health information (PHI) disclosures increased substantially in April, with 2,105 old-timers’ PHI being unintentionally exposed or disclosed. In total, 2556 old-timers were affected by information safety cases in April, leading to the VA dispatching 1,690 breach...

Read More

Florida Medical Clinic Informs 1K Patients of Secrecy Breach

Florida Medical Clinic, PA., has informed 1K patients that their outstanding balance reports were revealed online as a consequence of a misconfiguration of its Patient Portal. Outstanding balance reports of a few patients, between November 18, and January 6, 2016, were seen by industrial account sick persons when they registered onto the Patient Portal. Just a partial amount of patient files was on view so there isn’t thought to be a...

Read More

Anti-Malware Scan Halts Cardiac Catheterization Process

It’s imperative for anti-malware keys to be utilized to defend medical appliances, even though care should be taken when designing software. In the same way, as was lately stressed at a U.S. hospice, a misconfiguration of software has the possibility to have a harmful effect on sick people. Previously this calendar year, a cardiac catheterization process had to be stopped when a home monitor personal computer was stopped from...

Read More

23000 Patients of Mayfield Clinic Receive Malware-Infected Email

The Mayfield Clinic of Cincinnati patients received an email in February that contained a malevolent attachment which transferred ransomware onto their machines. The entrance on the HHS’ OCR infringement portal shows 23,341 patients received the email, even though it’s unclear how many of email receivers opened the malevolent attachment as well as infected their machines. A person who got access to a databank possessed by one of...

Read More

California Ransomware Law Approved by State Senate Commission

Bob Hertzberg, Californian Senator, introduced a new proposal (Senate Proposal 1137) in February that suggests a modification to the punitive policy in California in order to make it an offense to intentionally fix ransomware on a CPU. The proposal has now been approved by the Senate’s Commission on Public Security, getting it a stage nearer to being presented to the state parliament. The proposal should now be presented to Senate...

Read More

1,400 Weaknesses Discovered in Admired Drug Cabinet System

As per an advisory released by the Division of Homeland Security, an admired drug cabinet system has been discovered to have more than 1,400 weaknesses, a lot of which might be abused distantly using freely available activities. Additionally, the abuses might be carried out by an aggressor with a miserable degree of talent. The admired drug cabinet found out to have these weaknesses is type 8.1.3, which hasn’t been upgraded since...

Read More

Mercy Hospital in Iowa Noticed Data-Capturing Virus

As per a statement issued by the hospital late previous week, a computer virus might have permitted hackers to get the data of roughly 15,000 sick persons of Mercy Iowa City. Sick persons began to be informed of the security break by mailing on Friday, March 25, 2016, and have been notified that their name, date of birth, address, treatment information, medical analyses, as well as health insurance details – containing their policy...

Read More

2 More Californian Hospital Ransomware Assaults Informed

2 more hospitals in South of California have informed being harmed with ransomware. The Victorville’s Desert Valley Hospital as well as Chino Valley Medical Center, which are both managed by Prime Healthcare, were hit on Friday previous week. A lot of computers had data protected with the file-encrypting malware but the attackers succeeded to penetrate a few of the hospitals’ servers sooner than the assault was found out and...

Read More

$1.55 Million HIPAA Agreement for Want of BAA as well as Risk Study Failures

The Division of Health and Human Services’ OCR has declared it has achieved an agreement with North Memorial Health Care of Minnesota on suspected HIPAA breaches from a 2011 data break. North Memorial has consented to pay $1,550,000 to OCR to settle down the HIPAA violation fees. After a PHI break reported on September 27, 2011, OCR carried out an inquiry and found HIPAA violations that contributed to the cause of a breach of...

Read More

21st Century Oncology Informs 2.2M Patients of Hacking Case

At 21st Century Oncology, a hacker accessed a patient database having Social Security numbers and insurance data of patients in October. The case isn’t of the magnitude of the breaks at Primera Blue Cross, Excellus BCBS, or Anthem, however, it does classify as among the biggest healthcare data breaks of 2015. On March 4, 2016, a governmental filing was delivered to the Securities and Exchange Commission of the United States showing...

Read More

911 Dispatcher Sacked for Secrecy Breach

The illegal sharing of secret health info on Facebook has led to a 911 dispatcher losing her job, however that might not be the conclusion of it. The patient whose secrecy was breached thinks the loss of service isn’t punishment sufficient for the secrecy privacy breach and desires criminal accusations to be submitted for the secrecy infringement. Any info provided over the phone by a patient to a 911 dispatcher must be considered...

Read More

Rogue Worker Thieves 24000 Jackson Health System Patient Files

A Jackson Health System worker is accused of thieving about 24,000 patient files over a duration of 5 years. The unit secretary of the hospital has been put on administrative leave till the end of an internal inquiry into the extended HIPAA infringement. The alleged thievery of patient info has also been informed to law enforcement. Remarkably, the worker has been named but not yet sacked. This indicates that the proof already...

Read More

HIPAA Business Associate Informs 31K Record Data Violation

Omaha-based Seim Johnson, a commercial partner of several healthcare providers in Nebraska and outside, has declared that one of its laptops was thieved in Nashville, Tennessee, revealing almost 31,000 healthcare patient files. The laptop had the protected health information of 30,972 healthcare patients, including 4,200 patients of Community Hospital in McCook, Nebraska. It’s not sure which other healthcare providers were functioning...

Read More

Apple Health HIPAA Violation Affects 91K Medicaid Receivers

As per a statement released by Steve Dotson, HCA risk manager, a Washington State Health Care Authority (HCA) worker has breached the safeguarded health info of 91,000 Apple Health Medicaid package customers over a duration of nearly 3 years. All affected persons are being informed that their name, Social Security number, Apple Health ID number, date of birth, and private health info were improperly revealed between 2013 and 2015. The...

Read More

Two Employees Sacked for Jason Pierre-Paul HIPAA Violation

Earlier in July 2015, Jason Pierre-Paul, New York Giant football team member paid a visit to Jackson Memorial Hospital of Miami for medication following a fireworks mishap. News reports appeared soon after verifying Pierre-Paul had undergone a major hand damage. At the time of the disaster, the football player was discussing a new $60 million agreement with the Giants. ESPN’s Adam Schefter succeeded to get control of Pierre-Paul’s...

Read More

Borgess Rheumatology Notifies 700 Patients of Mailing Mistake

Borgess Rheumatology has notified that 700 of its patients have been affected by a mailing mistake which happened on December 9, 2015. That revealed their PHI. Although no Social Security numbers or other extremely confidential data have been revealed, concerned patients have had their names as well as the truth that they get medical services at Borgess Rheumatology revealed to another patient. In each one incident, a lone patient...

Read More

Lincare Inc to Disburse $239,800 CMP for HIPAA Infringement

For just the second time in its past, OCR has instructed a HIPAA-covered body to disburse civil fiscal fines for HIPAA infringements. Lincare Inc. is needed to pay $239,800 for breaches of the HIPAA Secrecy Law which were found during the inquiry of a complaint concerning an infringement of 278 patient data. The Secrecy Law breach – 45 C.F.R. § 164.530(i) – was lately approved by a U.S. Department of Health as well as Human Services...

Read More

Hawai‘i Medical Facility Association Privacy Infringement Affects 10,800

Autonomous Blue Cross Blue Shield license holder Hawai‘i Medical Service Association (HMSA) has begun sending infringement announcement letters to 10,800 members warning them to a privacy infringement that led to one member’s medical disorder being revealed to another HMSA member. The privacy infringement was triggered by a mistake made with the dispatching of care management letters to members, which led to letters being dispatched...

Read More

Survey Shows Law Companies are not Complying with HIPAA Regulations

The Health Insurance Portability and Accountability Act (HIPAA) deals with health insurers, healthcare providers, and healthcare clearinghouses, and all covered entities are required to comply with HIPAA Privacy, Security, and Infringement Announcement Laws. HIPAA additionally applies to vendors as well as other firms carrying out business with covered bodies, which are classified as HIPAA Business Associates. In case a Business...

Read More

Community Mercy Health Partners Informs Patients of November Data Infringement

During late November, a member of the public found many documents at a recycling center which seemed to have come from hospitals administrated by Community Mercy Health Partners. The documents included complete info concerning patients who had gotten medical services between 2005 and 2013. The info in the documents contained patients’ names, physicians’ names, health insurance details, medical diagnoses, types of study they were...

Read More

St. Luke’s Cornwall Hospital Informs Data Exposure to 29K Patients

St. Luke’s Cornwall Hospital has released a media declaration providing more information on the 29,156-record data infringement that happened on October 31, 2015. The hospital has clarified that the infringement happened when an unknown person entered a top-secret space of the hospital and thieved a thumb drive having a limited amount of patient data. The device was unencrypted as well as contained patient names, medical record...

Read More

Six Lost Hard Drives Informed by Centene: 950,000 Members Affected

Centene Corporation, Wisconsin-based health insurer, has declared the loss of 6 unencrypted computer hard drives having the safeguarded health information of roughly 950,000 of its members. The hard drives were being utilized for a job to make better the health results of plan members. The persons affected by the security infringement had all received laboratory facilities from 2009 to 2015. The data saved on the devices included...

Read More

Snapchat Video Post Causes Nursing Assistant Sacked

A nursing helper from the Parkside Manor assisted-living service in Kenosha, WI. has been sacked for showing a video of a nearly nude 93-year-old Alzheimer’s patient as well as distributing the file on Snapchat. In recent months an unpleasant tendency has developed concerning nurses taking pictures as well as videos of old patients and distributing the files on social media nets. The videos and images display patients in performing...

Read More

Phishing Assault Borne by Brigham and Women’s and Brigham as well as Women’s Faulkner Hospitals

Boston’s Brigham and Women’s Hospital has warned patients of a security infringement as soon as a phishing assault compromised the email account of a hospital worker. 1,009 patients have been impacted by the cyberattack.   Late previous year, a Brigham and Women’s Hospital worker suffered a phishing assault that developed in the login identifications of an email account being revealed to the invader. The account included a small...

Read More

New West Health Services Data Breach Affected 25,000 Patients

New West Health Services has begun informing 25,000 patients concerning the loss of a password-protected, unencrypted laptop containing wide-ranging Protected Health Information. Latest West Health Services Data Infringement Affects 25,000 Patients   New West Health Services, a not-for-profit provider of subsidized health policies, including Medicare Supplement and Medicare Advantage plans, has informed the thievery of one of its...

Read More

Telephone Phishing Swindle Affects 21K Blue Shield of California Customers

An infringement of PHI caused by a worker of a business partner who fell for a telephone phishing fraud has been informed by Blue Shield of California. Nearly 21,000 people have been influenced by the security infringement. Insurers and healthcare providers must conduct staff training to make sure workers are conscious of the danger of phishing campaigns sent by email, however, the newest Californian healthcare data infringement...

Read More

Latest Oregon Infringement Notification Law Becomes Effective

Companies doing business in the state of Oregon should now abide by the latest data infringement law that became effective on January 1, 2016. If a data infringement is suffered that reveals the personal information of over 250 state residents, an infringement notice should be presented to the Oregon Attorney General. On June 10 previous year, Kate Brown, Oregon Governor initialed the latest rule (Oregon Amended Laws 646A.604)...

Read More

IU Health Arnett Security Infringement Affects 29K Patients

Arnett Hospital of Indiana University Health has notified 29,324 patients concerning the possible revelation of their Protected Health Information (PHI) following an unencrypted flash drive vanished from its emergency division. The flash drive was found to be lost on November 20, 2015, and an inspection was instantly started. Work is continuing to try to find the lost flash drive that was stolen inside a part of the hospital not open...

Read More

Advantages of Healthcare Text Messaging Emphasized by New Analysis

Additional evidence has appeared presenting the advantages of healthcare written messaging. A recently published study in the Journal of the American Heart Association obviously indicated that an automatic mHealth interference using Smartphone and text messages tracing applications might prove to be a good approach for rising patients’ physical activity stages. The advantages of rising activity stages, particularly for patients with...

Read More

Infringement of Washington Town Health Care District Information

Roughly 3 months after suffering an infringement of personal information, Washington Town Health Care District has tendered an infringement notification to the California Attorney General’s Office describing an infringement of personal information of Californians. The information infringement was found out on October 8, 2015, and included the possible opening of a Washington Community Health Resource Library computer system by an...

Read More

Cottage Health System Security Inspection Exposes 11K-Record Data Break

On Tuesday Cottage Health System informed its 11,000 sick persons to instruct them that a few of their PHIs were revealed as a consequence of a server occurrence that happened in October 2015. For two weeks, patients had their names and addresses, details of medicinal findings and processes, and their Social Security numbers displayed as a consequence of shelters being detached from a server. An announcement publicized by Cottage...

Read More

Connecticut OIG Makes $90K Pact with Hartford Hospital and BA Over 2012 Laptop Theft

Hartford Hospital as well as one of its BAs, EMC Corporation (EMC), have contracted to a settlement with the Connecticut OIG on the 2012 thievery of a laptop having the unencrypted files of 8,883 Connecticut inhabitants. Hartford Hospital and EMC have contracted to a payment of $90,000 to settle the happening. The contract was reached willingly, and no confession of responsibility has been acknowledged by either party. EMC was hired...

Read More

ONC Publicizes Final 10-Year Interoperability Program

On Tuesday, the Office of the National Coordinator for Health IT announced the long-anticipated final 10-Year Interoperability Program. After the announcement of the draft form of the program in January 2015, the Office of the National Coordinator wanted remarks from interested parties. More than 250 remarks were received, which were utilized to fine- tune the plan before the announcement of the final form. The final Countrywide...

Read More

Car Theft Leads to Revelation of PHI of 2900 People

Insurance Data Services (IDS), a Wyoming-based medicinal invoicing firm, has begun to send break notice letters to patients of Claystone Clinical Associates, one of its HIPAA-covered customers, to notify them of the possible revelation of some of their Protected Health Information (PHI). A West Michigan based Delivery Service had been contracted by IDS to deliver client mailings; however, the automobile utilized by the courier firm...

Read More

Urology Associates Notifies 6500-Record Documents Break

Offsite storing of paper medical files might be convenient if facility room is restricted; but as Kailspell-based healthcare supplier, Urology Associates lately found the decision to store files offsite might prove to be costly. The firm had taken help of a local storing service and rented a unit to stock boxes of old medical files. Unluckily, the facility was lately thieved. Storage Units are Dangerous Places to Keep Confidential...

Read More

Healthcare Software Security Evaluated by Veracode

The cloud presents healthcare suppliers the chance to simplify the provision and administration of medical facilities. However, healthcare suppliers trying to use the ability of the cloud might possibly be putting Protected Health Information (PHI) at peril. HIPAA needs covered entities to always protect PHI, whether it takes the shape of digital files or physical records. Any PHI accessible or stored through applications or other...

Read More

Crown Point Medical Tests Uncovers HIPAA Breach

A former company belonging to Crown Point Medical Tests has breached the Health Insurance Portability and Accountability Act (HIPAA) when it did not securely throw away files having the Protected Health Information (PHI) of more than 166 people. The victims had earlier had medical checks handled via My Fast Lab. Barry Walker of Cedar Lake established My Fast Lab in 2013, even though the business is no more in operation. The business...

Read More

Hacking Peaks List of 2015 Data Break Reasons

A study of break details for the duration of the initial 5 months of the year demonstrates that the main reason of 2015 HIPAA breaks is still hacking, which keep on to reveal patient health files in the millions. The huge data break at Anthem Inc., revealed 78.8 million member files, however, the HIPAA breach at Premera Health was possibly more severe. Even though 11 million files were taken by hackers – significantly less than in the...

Read More

Symantec Study Confirms Data Breaks Rose 23% in 2014

It’s April, which indicates the announcement of the Symantec Yearly Internet Security Statement. Every year the security software business issues a report collected from the files that it accumulated throughout the course of the previous year. The statement – which can be viewed here – is an awareness of the overall condition of cybersecurity. The figures demonstrate that the quantity of security breaches increased 23% in 2014. The...

Read More

Existing Risk of Scam from 2012 Philadelphia Ambulance HIPAA Break

This week the Philadelphia Fire Department informed a data break involving 750 people who had utilized the ambulance facility in 2012. Three years before a worker of Intermedix, the company accustomed to managing the Fire Department’s data requirements, had been provided access to files; however, one worker utilized his data access rights to thieve financial files of patients. The files were thieved to file fake tax returns as per an...

Read More