Samantha Liss reports: As CommonSpirit Health, formed by the merger of Dignity Health and Catholic Health Initiatives in 2019, continues to deal with the fallout from a ransomware attack three weeks ago, security experts say such tie-ups and acquistions make healthcare systems more vulnerable to security breaches. M&A in healthcare “creates a huge risk” and a…
Category: Health Data
California Appellate Court In Ruling of First Impression Affirms Denial of Class Certification in Data Breach Involving Confidential Medical Information
Kristin L. Bryan of Squire Patton Boggs writes about a lawsuit stemming from an insider wrongdoing situation first reported in 2018: Last month a California appellate court affirmed (for the first time among any state appellate courts to consider the issue) the lower court’s denial of class certification for claims brought under the Confidentiality of…
HIPAA Security Rule Security Incident Procedures
HHS OCR’s October newsletter begins: Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of confidential data. Within the health care industry, the HIPAA Security Rule1 applies to covered entities2 and their business associates3 (“regulated entities”)…
AU: Medibank’s latest update reveals more woes; My Home Hospital patient info accessed
AU health insurer Medibank has been diligently providing updates on a massive data breach. With each update, they have revealed growing awareness of how much personal data has been accessed or exfiltrated. Their latest update, issued overnight, begins: It has become clear overnight that the criminal has accessed patient information relating to My Home Hospital….
Medibank updates incident report; customer data also affected
Medibank has provided yet another update on the ransomware attack previously noted on this site: There has been a further development in Medibank’s cybercrime event, which is subject to a criminal investigation by the Australia Federal Police (AFP). It has become clear that the criminal has taken data that now includes Medibank customer data, in…
Lawsuit against Labette Health dismissed
A Kansas health center has succeeded in getting a potential class action lawsuit against it dismissed for lack of standing. DataBreaches previously reported that Labette Health had disclosed a breach that occurred in October 2021. Now Bloomberg Law reports that plaintiffs’ claims that Labette violated state consumer protection law failed to demonstrate that they had…