Michael Bertoncini writes: Health insurance carriers often provide explanation of benefits (EOB) summaries to the policyholder specifying the type and cost of health care services received by dependents covered by the policy. EOBs often disclose sensitive information regarding the mental or physical health condition of adult dependents. Massachusetts has now enacted a law, an act…
Category: U.S.
States Increase HIPAA Enforcement
Elliot Golding and Jennifer Tharp of Squire Patton Boggs write: Overview of Recent Settlement Actions Recent Health Insurance Portability and Accountability Act (“HIPAA”) enforcement settlements for Virtual Medical Group (“VMG”) in New Jersey and EmblemHealth in New York may signal a broader trend of increased state HIPAA enforcement. Under the Health Information Technology for Economic…
Former University of Iowa student pleads guilty to grade-changing hacking scheme
Jordan Prochnow reports that Trevor Graves, the former University of Iowa student who had been charged with hacking the school’s network to change grades, was back in court on Monday to plead guilty. According to a plea agreement, Graves intentionally “caused the transmission of a command that caused damage and impairment to the integrity or…
TaskRabbit Takes Down App and Website After Getting Hacked
Catalin Cimpanu reports: TaskRabbit, a web-based service that connects freelance handymen with clients in various local US markets, has emailed customers admitting it suffered a security breach. The company has taken down its app and website while law enforcement and a private cyber-security firm are investigating the incident. The hack appears to have taken place…
More than 100 Iditarod volunteers’ personal information potentially compromised
KTUU is reporting that more than 100 Iditarod race volunteers may have had their personal details on a computer that was stolen on March 11. Chas St. George, the Chief Operations Officer of the ITC, says a race volunteer had their car stolen, inside the car was a password protected laptop and thumb drive containing personal…
UnityPoint Health notifying patients of phishing attack
On February 15, 2018, UnityPoint Health discovered our email system was the victim of a phishing attack that compromised some employee email accounts. UnityPoint Health promptly took action to secure the impacted email accounts, changed passwords, and engaged external cybersecurity professionals to analyze what information might have been contained in the impacted accounts. After a…