HHS OCR has announced another settlement of a HIPAA complaint: Elite Dental Associates, Dallas (“Elite”) has agreed to pay $10,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act…
Category: U.S.
IN: Goshen Health notifies patients potentially impacted by 2018 data security breach
Sometimes, an incident that doesn’t appear to require notification may require notification under HIPAA. In an August, 2018 incident reported on The Elkhart Truth that involved Goshen Health, the health system originally determined that no notification was required, but when forensic investigators came in months later and looked for any information that might have been…
PA: Wyoming Area School District pays $38,000 ransom to free their network from attack
Andy Mehalshick reports: A school district in Luzerne County confirmed Tuesday it was the victim of a ransomware attack that locked up their computers for weeks. Wyoming Area School District officials say they had no choice but to pay up to free their computer network. “It slowed things down,” Wyoming Area senior Jack Dileo said….
Over 500 US schools were hit by ransomware in 2019
Catalin Cimpanu reports: In the first nine months of the year, ransomware infections have hit over 500 US schools, according to a report published last week by cyber-security firm Armor. In total, the company said it found and tracked ransomware infections at 54 educational organizations like school districts and colleges, accounting for disruptions at over…
Sioux Falls VA notifies patients after HIPAA breach
KSFY reports: Officials with the Sioux Falls Veteran Affairs Health Care System are warning patients about a potential breach of privacy. The incident stems from letters sent to a Sioux Falls VA mail room printer on August 21, according to Public Affairs Officer Erin Bultje. VA staff were not aware the mail room printer was…
Saint Mary’s email addresses appear in credential dump following Chegg data breach
Maeve Filbin reports: In April 2018, the widely-used tutoring service and textbook provider Chegg experienced a data breach, after an unauthorized source accessed one of the company’s databases. The breach was discovered in Sept. 2018. On Sept. 26, chief information officer Todd Norris announced in a campus-wide email that the Saint Mary’s College Information Technology…