Veradigm LLC is a health information technology company that provides software solutions to healthcare providers. On September 22, 2025, Veradigm filed breach notification letters with some state attorneys general. According to the notice, Veradigm learned that an unauthorized party accessed some clients’ data on December 15, 2024. The clients’ data was located in a storage…
Category: HIPAA
Another plastic surgery practice fell prey to a cyberattack that acquired patient photos and info
Another plastic surgeon has become the victim of a cyberattack that involved patient information and photographs. On October 23, Michael R. Schwartz, MD, FACS, notified the California Attorney General’s Office that, on August 25, they became aware of remote, unauthorized access to one of their computers. Investigators found that an unauthorized party had accessed patient…
JFL Lost Up to $800,000 Weekly After Cyberattack, CEO Says No Patient or Staff Data Was Compromised
Juan F. Luis Hospital CEO Darlene A. Baptiste says no personal data was stolen in the April cyberattack that forced the hospital offline for months, causing major billing delays, financial losses, and a massive system rebuild now nearly complete. Ernice Gilbert reports: The April cyberattack that crippled the Juan F. Luis Hospital’s electronic systems cost the facility…
Missing Risk Analysis Cost NY CPA Firm $175K—But Not the Big Group Whose Data Was Breached in 2019
Theresa Defino reports: Covered entities (CEs) and business associates (BAs) might be forgiven if the most recent HHS Office for Civil Rights (OCR) HIPAA enforcement action evoked little more than a yawn. Yes, the $175,000 payment isn’t a particularly large amount, and the sole alleged violation is a retread. Actually, it’s the 10th in OCR’s…
Verily Faces Lawsuit Over Alleged HIPAA Violations
John Blacksmith reports: Verily, owned by Alphabet, is facing a lawsuit filed by an ex-employee who alleges the misuse of the personally identifiable health information of over 25,000 patients, and the failure of the company to submit HIPAA breach reports, as per the Health Insurance Portability and Accountability Act (HIPAA) requirement. Verily, previously known as…
HHS Releases Updated Security Risk Assessment Tool
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and the Assistant Secretary for Technology Policy (ASTP) are pleased to announce the release of version 3.6 of the Security Risk Assessment (SRA) Tool. To help you make the most of these updates, ASTP and OCR are hosting live webinars on September…