The U.S. Department of Health & Human Services (HHS), Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on impermissible disclosure of protected health information (PHI). St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid HHS $387,200 to settle potential violations of the HIPAA Privacy Rule…
Where is the future of HIPAA enforcement headed?
Ira Parghi of Ropes & Gray writes: Since January 2016, the OCR has entered into resolution agreements with, and imposed Corrective Action Plans (CAPs) on, providers and others in at least 12 matters involving the Security Rule. It has also imposed a Civil Monetary Penalty on one entity. Most of these cases involve stolen, unencrypted…
Hackers may have names of thousands of Florida gun owners
Andrew Ruiz reports: The Florida Department of Agriculture and Consumer Services is warning customers that hackers may have obtained the names of more than 16,000 people who have Florida concealed weapon permits. The data breach that appears to have originated from overseas affects people who entered information through the department’s online payment system.
School district reports breach due to caching problem with HomeLink
We don’t see breach notifications from K-12 districts that often, but here’s one submitted to the California Attorney General’s Office from the Mt. Diablo Unified School District: On April 27, 2017, when parents tried to access their student’s data through the HomeLink Portal, they were able to view information, as described below, of a student…
How ECMC got hacked by cyber extortionists
Henry L. Davis provides some greater depth to the coverage of the ransomware attack on Erie County Medical Center: It was 2 a.m. Palm Sunday. Computer screens across Erie County Medical Center flashed white with bright red words: “What happened to your files?” The ransom demands began with hot pink text. “Step1: You must send us…
Convicted Russian Cyber Criminal Roman Seleznev faces charges in Atlanta
May 19 – Roman Seleznev, of Vladivostok, Russia, has been arraigned on federal cyber fraud charges associated with the 2008 hack and theft of banking credentials from RBS Worldpay, a payment processing company located in Atlanta, Georgia. Seleznev was indicted by a federal grand jury on December 22, 2014. “In 2008, an American credit card processor…