Fraud and Abuse

Regulatory compliance is a phrase that sends a shiver down the spine of even the most experienced network administrator. Ever since the Health Insurance Portability and Accountability Act or HIPAA was introduced in 1996, covered entities holding protected health information (PHI) or electronically protected health information (ePHI) have been under pressure to keep it safe. Organizations that fail to…

In the past two years, a troubling number of ransomware attacks on healthcare organizations have affected more than 6.6 million people and cost systems millions of dollars. A study by comparitech found Texas had the second-most number of healthcare ransomware attacks in 2016-2019. During a ransomware attack, hackers break into an electronic database and hold the information…

Practice Fusion Inc. Admits to Kickback Scheme Aimed at Increasing Opioid Prescriptions Practice Fusion Inc. (Practice Fusion), a San Francisco-based health information technology developer, will pay $145 million to resolve criminal and civil investigations relating to its electronic health records (EHR) software, the Department of Justice announced today. As part of the criminal resolution, Practice…

A federal jury found a Texas rheumatologist guilty today for his role in a $325 million health care fraud scheme in which he falsely diagnosed patients with life-long diseases and treated them with toxic medications on the basis of that false diagnosis. Following a 25-day trial, Jorge Zamora-Quezada, M.D., 63, of Mission, Texas, was convicted…

The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) reported 34 December healthcare breaches, affecting 313,249 patients. Of the reported incidents, there were 18 breaches due to hacking/IT incidents, 10 breaches from the unauthorized access/disclosure of protected health information (PHI), 3 breaches due to loss, 2 breaches due to theft, and…

Last week, the Federal Bureau of Investigation (FBI) issued a flash alert warning private companies in the United States about the threat of attacks involving Maze ransomware. The warning came just a few days after the FBI issued an alert about two other ransomware variants, LockerGoga and MegaCortex. The Maze ransomware TLP: Green warning is…

In an agreement with the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services (HHS), Sentara Hospitals (Sentara) have agreed to take corrective actions and pay $2.175 million to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification and Privacy Rules.  Sentara is comprised of…

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules between 2013 and 2017. TX…

Eight Dallas, Texas-area pharmacy owners and marketers were charged in an indictment unsealed today for their roles in a scheme involving approximately $92 million in compound drug claims to TRICARE and the U.S. Department of Labor (DOL), which were allegedly the product of over $9.1 million in illegal kickbacks. Assistant Attorney General Brian A. Benczkowski…