In recognition of National Cybersecurity Awareness Month, OCR has produced a new video this October for organizations covered under the HIPAA Rules on Recognized Security Practices. Recommended security practices can help organizations improve their ability to safeguard patient information from cyberattacks and better safeguard the health care services we all rely upon. Section 13412 of…
Category: Health Data
Healthcare provider to incarcerated people discloses breach by data security incident by claims processor
Mediko, Inc. has issued a press release concerning an unintended exposure of protected health information by their third-party claims processor, CorrectCare. According to their notice, on July 6, CorrectCare discovered that two file directories on their server had been misconfigured and were exposing files to the public. The investigation subsequently determined that the exposure occurred…
Young Finnish man detained in absentia over data breach at Vastaamo
The Vastaamo psychotherapy clinic hack and extortion attempt in Finland, first disclosed in 2020, remains one of the most sensitive and disturbing breaches DataBreaches has ever covered. Past news items about it can be found here. Now there is an update. Aleksi Teivainen of Helsinki Times reports: The District Court of Helsinki on Friday detained…
NL: Patient files of Rainier van Arkel also captured in a hack
Jeffrey Clark reports: Data from the files of 184 clients of mental health organizations Reinier van Arkel and Ypse in Den Bosch was captured in the major health care filings hack earlier this week. The health care institution confirms this on its website. All concerned clients have been informed by the institution. It is not…
After CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk
Samantha Liss reports: As CommonSpirit Health, formed by the merger of Dignity Health and Catholic Health Initiatives in 2019, continues to deal with the fallout from a ransomware attack three weeks ago, security experts say such tie-ups and acquistions make healthcare systems more vulnerable to security breaches. M&A in healthcare “creates a huge risk” and a…
California Appellate Court In Ruling of First Impression Affirms Denial of Class Certification in Data Breach Involving Confidential Medical Information
Kristin L. Bryan of Squire Patton Boggs writes about a lawsuit stemming from an insider wrongdoing situation first reported in 2018: Last month a California appellate court affirmed (for the first time among any state appellate courts to consider the issue) the lower court’s denial of class certification for claims brought under the Confidentiality of…