Nevro Corporation in California provides what they call HF10 therapy devices for patients coping with chronic pain. After several laptops with patient data were stolen during an office burglary, they had to notify patients that their information was on the unencrypted devices: name, street address, birth date, procedure date, medical device identifiers (such as serial number),…
Category: Health Data
Fresenius Medical Care North America settles HHS OCR complaint for $3.5m plus corrective action plan
Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA…
HHS OCR January 2018 OCR Cybersecurity Newsletter: Cyber Extortion
January 30, 2018 Incidents of cyber extortion have risen steadily over the past couple of years and, by many estimates, will continue to be a major source of disruption for many organizations. Cyber extortion can take many forms, but it typically involves cybercriminals’ demanding money to stop (or in some cases, to merely delay) their…
MO: Licensed Professional Counselor Pleads Guilty to $175,000 Medicaid Fraud Scheme
A DOJ press release, but unfortunately, it doesn’t reveal for whom the defendant was working when she misused patient information. Was she self-employed or an employee of another entity? Jefferson City, Mo. – Missouri Attorney General Josh Hawley announced that Corrine A. Dale, of St. Louis, entered an open plea in St. Louis County Circuit Court…
Allscripts Hit with Class-Action Complaint After Ransomware Attack
Can’t say that I’m surprised, not after reading that practices were having to turn patients away because they couldn’t access their patient records or billing records. Rajiv Leventhal reports that a class action complaint has been filed against Allscripts: It was just last week when electronic health record (EHR) vendor Allscripts suffered a ransomware attack…
UK: Former civil servant suing government department after ‘highly sensitive’ medical information reportedly revealed in email
Neal Keeling reports: A former civil servant is suing the government department where he worked after ‘highly sensitive’ medical information about him was reportedly revealed to a dozen colleagues in an email. Lawyers for Aftab Marchant have issued High Court proceedings against the Department for Work and Pensions (DWP) and are seeking damages of up…