Another settlement announced from HHS tonight. From their press release: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of 1996…
Category: Health Data
The Newfoundland and Labrador Medical Care Plan only recently disclosed a breach that occurred in January 2018.
CBC reports that the Newfoundland and Labrador Medical Care Plan (MCP) has disclosed a breach that involves a missing binder with the personal health information of roughly 3,300 people. While that’s bad enough, the binder has reportedly been missing from the MCP office in Grand Falls-Windsor since January 2018, but the Department of Health wasn’t…
“Crafty Cockney” loses extradition appeal; closer to standing trial in U.S. for alleged role in “thedarkoverlord” attacks
Nathan Wyatt, the 38 year-old U.K. resident known as “Crafty Cockney” on AlphaBay market, has lost his bid to convince the High Court to overturn a lower court’s ruling that he should be extradited to the U.S. Today’s ruling means that Wyatt is one step closer to being extradited to stand trial in federal court…
Failure to Encrypt Mobile Devices Leads to $3 Million HIPAA Settlement
From HHS OCR: The University of Rochester Medical Center (URMC) has agreed to pay $3 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules….
Data Breaches Cost Hospitals $4B Annually – survey
Jack O’Brien reports on findings from a recent survey of more than 2,870 security professionals from 733 provider organization. Spoiler alert: almost every IT professional agreed with the sentiment that data attackers are outpacing medical enterprises. The total cost of data breaches at healthcare organizations is projected to reach $4 billion by the end of…
Brooklyn Hospital Center notifies patients after data could be not be recovered after malware attack
Brooklyn Hospital Center has issued a press release about a data incident that may not have resulted in access or exfiltration of patient data (they couldn’t determine that) but did result in their inability to recover certain data related to specific patients. From their notice: In late July 2019, the Hospital became aware of unusual activity…