In July, 2020, cloud software firm Blackbaud announced that it had been the victim of a ransomware attack that began in February of 2020 and continued until Blackbaud was able to kick the attackers out of their system in May. In order to try to protect their clients from having personal and sensitive information on…
Category: Health Data
BE: Cyber attack on Sacred Heart Hospital Mol: no patients at risk, but administration back on paper
vrtNWS reports (translation): The Sacred Heart Hospital in Mol has been hit by a cyber attack. Criminals have managed to smuggle viruses into the hospital’s IT system, presumably via email. No data has been stolen, so the patients’ medical information has not been leaked, but the viruses have shut down many systems. Read more on vrtNWS….
CEO who lied to thousands of patients by telling them they had less than six months to live in order to enroll them in hospice sentenced to prison
There are bad breaches, and then there are the ones where words like “despicable,” “evil,” “immoral,” “disgusting,” and “reprehensible” just seem too weak to express how decent people might feel. This case out of Texas is one of those. Here is DOJ’s press release issued today: The CEO of a Texas-based group of hospice and…
Boise Man Sentenced to 3.5 Years in Federal Prison for Health Care Fraud and Aggravated Identity Theft
When people talk about medical identity theft, they are generally referring to the patient’s identity information being stolen and misused to seek and obtain medical care or for similar purposes. But healthcare fraud may also involve stealing the identity information of providers so that fraudulent bills can be created to defraud the government. Here’s a…
HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered…
Court Holds Data Breach Notice Disclosing Potential Cyberattack Did Not Establish Plaintiffs’ Standing in Privacy Litigation
Christina Lamoureux of Squire Patton Boggs writes: While many federal courts have weighed in on the issue of what suffices for Article III standing in the context of a data breach litigation, not all state courts have. Last week, the Superior Court of Delaware found that a group of plaintiffs who received a notice that their personal…