HIPAA – Page 18 – DataBreaches.Net

If Your Disclosure of a Data Breach Was “Late,” You May Have to Litigate

Posted on December 23, 2021 by Dissent

Jean E. Tomasco of Robinson & Cole writes about a breach involving an accounting firm that is a business associate to a number of covered entities. This month, the firm, Bansley & Kierner, issued a notice and started notifying individuals and HHS. But the time frame for discovery and notification has resulted in a potential…

United Health Centers of San Joaquin Valley remains publicly silent after ransomware attack

Posted on September 25, 2021 by Dissent

Threat actors known as Vice Society have disclosed another attack on the healthcare sector. This time, the victim is United Health Centers of the San Joaquin Valley in California. Lawrence Abrams of BleepingComputer reports: On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United Health Centers was reeling from a…

Reports of ePHI breaches are everywhere, but not always were you might look

Posted on September 24, 2021 by Dissent

There are a number of journalists or sites that monitor news and legal notices for disclosures of breaches involving protected health information (PHI). And it’s tempting, when you see that the entity is a business, to just skip on by. But don’t. If a business has a health plan for employees, then they may be…

Ransomware Resources for HIPAA Regulated Entities

Posted on September 21, 2021 by Dissent

The HHS Office for Civil Rights (OCR) is sharing the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS Health Sector Cybersecurity Coordination Center Threat Briefs: https://www.hhs.gov/about/agencies/asa/ocio/hc3/products/index.html#sector-alerts January 28, 2021 –…

Internal emails raise questions about government’s investigation into Walgreens privacy breach

Posted on August 25, 2021 by Dissent

I am so glad to see a follow-up on this case because I had the same questions about how and why Walgreens did not suffer the same federal penalties as CVS and Rite Aid for the same infringement of HIPAA. My original coverage of this breach is no longer online as the former version of…

Still Missing a New Leader, Former OCR Directors, Experts Offer Advice, Task List

Posted on August 16, 2021 by Dissent

Theresa Defino writes: Issue a final rule revising the privacy regulation and write guidance on the information blocking rule. Formalize the fledgling audit program required by Congress more than 10 years ago. Engage with providers and other HIPAA-regulated entities. And by all means, get cracking. In a series of interviews with RPP, two former Office for…