Another business associate under HIPAA has disclosed a breach. You may not recognize their name, but they may handle your medical group’s billing or other functions, so if you get a letter from “MEDNAX,” don’t just assume it’s a scam. Florida-headquartered MEDNAX Services, Inc provides revenue cycle management and other administrative services to physician groups. …
OCR Releases Its 2016-2017 Audit Report on Health Care Industry Compliance with the HIPAA Rules
Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…
Suspected Russian hacking spree extended beyond SolarWinds users
Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
Security breach on Emirati website leads to leaked info of Israelis
Tobias Siegal reports: An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to…
French pharmaceutical firm involved in packaging anti-COVID vaccines hit by cyberattack
On December 9, the European Medicines Agency reported that it had been a victim of a cyberattack. The announcement was of significant concern because EMA was considering was issuing authorizations for several COVID-19 vaccines. The next day, Pfizer announced that some documents it had submitted to EMA as part of that process had been involved…
Ca: Olympia House notifying patients about ransomware attack discovered in early August
On August 10, DataBreaches.net reported that Olympia House, an alcohol rehabilitation and drug treatment center in Petaluma, California had apparently been attacked by NetWalker ransomware threat actors but had not responded to an inquiry by this site. By November 9, Olympia House still had not posted any statement on their site or press release, and…