HIPAA – Page 5 – DataBreaches.Net

General Hospital Cybersecurity Requirements Take Effect in New York

Posted on October 9, 2024October 9, 2024 by Dissent

Mark Furnish and Jane M. Preston of Greenberg Traurig, LLP write: A new regulation related to cybersecurity program requirements for all New York general hospitals licensed under Article 28 of the Public Health Law (PHL) took effect Oct. 2, 2024. All general hospitals must comply with the new provisions within one year of the adoption…

When you don’t know why you are being notified of a breach, Tuesday edition (2)

Posted on October 8, 2024October 16, 2024 by Dissent

On March 19, 2024, DataBreaches reported a ransomware attack targeting New York Plastic Surgical Group (a division of Long Island Plastic Surgical Group). According to one of the threat actors involved, the attack occurred on January 7 and involved both RADAR and AlphV (BlackCat) groups working together — AlphV to encrypt files and negotiate the ransom…

HHS Office for Civil Rights Imposes a $240,000 Civil Monetary Penalty Against Providence Medical Institute in HIPAA Ransomware Cybersecurity Investigation

Posted on October 5, 2024October 5, 2024 by Dissent

In April 20218, DataBreaches reported a ransomware incident in February 2018 that had affected 81,550 patients of the Center for Orthopaedic Specialists (COS) – Providence Medical Institute (PMI) in California. The entity’s notification at the time indicated that patients’ names, dates of birth, details about medical records, and Social Security numbers had been involved in the…

Alaska Corrections contractor denies ACLU claim of ‘massive’ prisoner health data breach

Posted on October 4, 2024 by Dissent

Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of Corrections. But the software company at the center of the complaint claims that’s “false and misleading,” and that there was no breach of data…

Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle

Posted on September 27, 2024 by Dissent

Jonathan Greig reports: Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would provide $1.3 billion for the Department of…

Silence may not be golden: Visiting Physicians Network still silent one year after alleged data breach?

Posted on September 15, 2024 by Dissent

In September 2023, DataBreaches reported on an alleged ransomware attack involving Visiting Physician’s Network in Texas. The report provided screenshots of data leaked on the Threeam gang’s leak site and noted that Visiting Physician’s Network did not respond to inquiries about the breach. It is now one year later. DataBreaches has found no substitute notice,…