Skip to main content

HIPAA & Cybersecurity Updates - The federal Office for Civil Rights (under Department of Health & Human Services)
announced following settlements based on HIPAA violation investigations:
o $15,000 = All Inclusive Medical Services of California
o $70,000 = Northeast Behavioral Health, part of Beth Israel Lahey Health of
Massachusetts
o $3500 = Dr. Patricia King Psychiatric Clinic of Chesapeake, VA
o $10,000 = Wise Psychiatry of Centennial, CA
o $38,000 = Housing Works Health of New York


- Bay Area Medical center, part of Advocate Aurora Health, in Marinette, Wisconsin, notified 2,979 patients that their PHI was exposed after paper medical records were discovered left behind in former facility.


- Fairfax County Public School District of Virginia notified an unknown number of students that their info was exposed after ransomware attack.


- Roper St. Francis Healthcare of Charleston, SC notified 93,000 patients their PHI was exposed after hacking incident.


- Geisinger Health location in Berwick, Pennsylvania notified 700 patients that a former employee illegally accessed their PHI.


- Community Medical Centers of California notified an unknown number of patients that their PHI may have been exposed after hacking incident.


- Children’s Minnesota Hospital notified an unknown number of patients that their PHI may have been exposed after hacking incident.


- Hebrew SeniorLife of Massachusetts notified an unknown number of patients that their PHI may have been exposed after hacking incident.


- Augusta University Medical Center of Georgia notified an unknown number of patients that their PHI may have been exposed after hacking incident.


- The University Hospital of New Jersey notified an unknown number of patients that their PHI may have been exposed after ransomware attack.


- Artech Information Systems of Morristown, NJ notified an unknown number of employees and customers that this info may have been exposed after ransomware attack.


- ZDNet magazine published results of study of COVID-19 era security issues:
o 40% increase in unsecure remote desktop PCs (working from home employees)
o 400% increase in brute force attacks using remote desktop protocol
o 667% increase in email phishing attacks
o 3 times more employees clicking on email phishing schemes during pandemic
o 90% of COVID-19 created domains on the Internet are scams
o 72% more ransomware attacks

- DarkTracer Research reported that it found data from 605 companies posted on the Dark Web as a result of ransomware attacks successfully being completed by 14 different hacking groups this year.


- Floral Park-Bellerose Public School District of New York notified an unknown number of students that their info may have been exposed after ransomware attack.

Crowdstrike report shows:
o During first half of 2020, they found 41,000 intrusions (up 15%) by hackers that were hands-on, meaning human hackers actively explored systems themselves, rather than using botnets

- Dunkin’s Brands Inc. of Canton, Mass, agreed to pay $650,000 to state of New York to settle data breach negligence lawsuit.


- Jekyll Island Authority of Brunswick, Georgia notified an unknown number of citizens that their info may have been exposed after ransomware attack.


- Federal prosecutors have charged 5 hackers in China with breaching more than 100 companies in the U.S. Since there is no extradition policy with China, arresting them will be impossible if they stay in China.


- Erlanger Health of Chattanooga, TN notified 4,938 patients that their PHI was exposed after a CD-ROM was misplaced that had their records.


- A former patient of St. Louis, Missouri-based BJC HealthCare filed a class-action lawsuit against the health system over a cybersecurity incident
o BJC HealthCare reported three employees' email accounts were breached on
May 5 and may have exposed PHI
o personal health information. The information included patient names, medical records, clinical information, insurance information and Social Security numbers.
o plaintiffs are seeking financial compensation, lifetime consumer credit protection and monitoring services and restitution.

- Facebook has been accused of spying on its Instagram users for 'market research' by secretly accessing their mobile cameras through the app, according to a new lawsuit filed in San Francisco, CA

 is accused of intentionally activating smartphone cameras to collect
'lucrative and valuable data that it would not otherwise have access
to', Bloomberg reported.

- The Veteran Affairs Department notified 46,000 veteran patients that their PHI was exposed after email phishing attack.


- Spectrum Health of Michigan notified its patients of a “vishing” scam, where criminals are pretending to be hospital employees and calling patients in attempt to steal PHI.


- Millstone Township School District of New Jersey notified an unknown number of students that their info may have been exposed after ransomware attack.


- Somerset Hills School District of NJ notified an unknown number of students that their info may have been exposed after ransomware attack.


- Newhall School District of Valencia, CA notified an unknown number of students that their info may have been exposed after ransomware attack.


- West County School District of Missouri notified an unknown number of students that their info may have been exposed after ransomware attack.


- St. Louis County government offices of Missouri notified an unknown number of citizens that their info may have been exposed after ransomware attack.


- West Mifflin Area School District of Pennsylavania notified an unknown number of students that their info may have been exposed after ransomware attack.


- The City of Carmel government in Indiana notified an unknown number of citizens that their info may have been exposed after ransomware attack.


- Skidmore-Tynan School District of Texas notified an unknown number of students that their info may have been exposed after ransomware attack.


- Guilford Technical Community College of Jamestown, NC notified an unknown
number of students that their info may have been exposed after ransomware attack.

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×
×