MEDICAL DEVICE MAKERS EXPECT ATTACKS WITHIN NEXT YEAR, BUT AREN’T PREPARED
“A new survey found 67 percent of medical device manufacturers and 56 percent of healthcare delivery organizations (HDOs) believe their devices are likely to be the target of a cyberattack within the next 12 months. While many companies are concerned about the possibility of an imminent attack, most manufacturers remain unprepared. Just 17 percent of […]
Phishing Attack Results in $400,000 HIPAA Breach Fine
“Investigators from the U.S. Department of Health and Human Services Office of Civil Rights (OCR) found that MCPN violated the HIPAA Security Rule by failing to do proper risk assessments or implement adequate cybersecurity measures and procedures. “Specifically, MCPN has failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to […]
Hacker Attacks, Ransomware, Trojans and Viruses – German Healthcare Industry under Massive Attack
“The healthcare industry is ranked in the top 5 industries of medical identities becoming more and more lucrative on the black market. Cyber criminals have sophisticated intrusion ways against healthcare organisations leaving them exposed to the most advanced persistent threats. But how can it happen to you? Take a look at Locky for example. What […]
68% of Healthcare Organizations Have Compromised Email Accounts
“Evolve IP has published the results of a new study that has revealed the extent to which healthcare email credentials are being compromised and sold on the dark web. The FBI has also recently warned about Business Email Compromise (BEC). Email credentials are highly valuable to cybercriminals. A compromised email account can be plundered to […]
Survey Indicates Law Firms are not Complying with HIPAA Rules
“The Health Insurance Portability and Accountability Act (HIPAA) covers healthcare providers, health insurers, and healthcare clearinghouses, and all covered entities are required to comply with HIPAA Privacy, Security, and Breach Notification Rules. HIPAA also applies to vendors and other companies doing business with covered entities, which are classed as HIPAA Business Associates (BAs). If a […]
Memorial Hospital pays $5.5M in settlement over potential HIPAA violations
“Memorial Healthcare Systems has agreed to pay a $5.5 million settlement to the U.S. Department of Health and Human Services over potential HIPAA violations. The security breach was discovered when Memorial launched an internal investigation in 2012 after two hospital employees stole patients’ personal information to make money filing phony tax returns, said Kerting Baldwin, […]
Memorial Healthcare Systems to pay $5.5M over potential HIPAA violations
“Memorial Healthcare Systems has paid HHS $5.5 million to settle potential HIPAA violations, HHS disclosed on Thursday. The six-hospital nonprofit system disclosed to HHS’ OCR that 115,143 individuals’ protected health information (PHI) had been impermissibly accessed by employees and impermissibly disclosed to affiliated physician office staff. The settlement comes weeks after Children’s Medical Center of […]
31 Health Data Breaches Disclosed in January as HHS Fines for Late Reporting
“2017 has kicked off with a huge proportion of insider threats, as January data from disclosed breaches reveals that 59.2% of breached patient records were the result of insiders. This month’s health data breaches reinforce the importance of health data security, as the need to protect patient data from insiders continues to loom large. Healthcare […]
Stolen USB Drive Leads to $2.2 Million HIPAA Breach Penalty
“An insurance underwriter paid a $2.2 million HIPAA breach settlement after a USB drive containing the electronic protected health information (ePHI) of more than 2,200 people was stolen from its IT department, federal authorities announced today. As part of the Jan. 11 agreement, MAPFRE Life Insurance Company of Puerto Rico (MAPFRE) also entered into a […]
Foot-Dragging on HIPAA Breach Notice Costs Illinois Health System
“An Illinois health system has reached a $475,000 settlement over allegations it waited too long to report a data breach, the first time the government has settled over untimely breach notifications. Presence Health uncovered a data breach on Oct. 22, 2013 affecting 836 individuals, but didn’t report the breach to affected individuals until Feb. 3, […]