11,843 Patient Records Exposed in New Ransonware Attacks
In the past two weeks, two further healthcare organizations have announced that they have experienced ransomware attacks that potentially resulted in the protected health information of patients being accessed by cybercriminals. A combined 11,843 patient records were exposed in the two attacks. The first incident affects PVHS-ICM Employee Health and Wellness, LLC. Ransomware was installed…
Read MoreWoman Indicted for Running Health Care Fraud Scheme from Prison
DALLAS — Alexis C. Norman, 46, of Midlothian, Texas has been indicted on felony offenses stemming from a health care fraud conspiracy she ran from prison that involved the submission of more than $810,000 in false claims to Medicaid, announced U.S. Attorney John Parker of the Northern District of Texas. Norman is scheduled to make…
Read MoreOwner of Apple of Your Eye Healthcare Services, Inc. Sentenced to 210 Months in Prison for Role in Fraud Conspiracy
DALLAS — Wilbert James Veasey, Jr., 65, of Dallas, was sentenced this morning in federal court in Dallas on a health care fraud conspiracy conviction, announced U.S. Attorney John Parker of the Northern District of Texas. Veasey was sentenced by U.S. District Judge Sam A. Lindsay to 210 months in federal prison and order to…
Read MoreCareless handling of HIV information jeopardizes patient’s privacy, costs hospital $387k
St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid the U.S. Department of Health and Human Services (HHS) $387,200 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a comprehensive corrective action plan. St. Luke’s operates the Institute for Advanced Medicine, formerly Spencer…
Read More$2.5 million settlement shows that not understanding HIPAA requirements creates risk
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI). CardioNet has agreed to settle potential noncompliance with the HIPAA Privacy and Security Rules by paying $2.5…
Read MoreTexas Health System Settles Potential HIPAA Disclosure Violations
Memorial Hermann Health System (MHHS) has agreed to pay $2.4 million to the U.S. Department of Health and Human Services (HHS) and adopt a comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. MHHS is a not-for-profit health system located in Southeast Texas, comprised of…
Read MoreNo Matter How Much You Spend On Technology, You’re Only As Secure As You’re Most Gullible Employee
Companies and organizations around the world potentially faced substantial costs after hackers threatened to keep computers disabled unless victims paid $300 or more in ransom, the latest and most brazen in a type of cyberattack known as “ransomware.” The malware hit Britain’s beloved but creaky National Health Service particularly hard, causing widespread disruptions and interrupting…
Read More$5.5 million HIPAA settlement shines light on the importance of audit controls
Memorial Healthcare System (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six hospitals, an…
Read MoreChildren’s Medical Center of Dallas Pays Penalty of 3.2 Million for HIPAA and Compliance Violations
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) civil money penalty against Children’s Medical Center of Dallas (Children’s) based on its impermissible disclosure of unsecured electronic protected health information (ePHI) and non-compliance over many years with multiple standards…
Read MoreRansomware Infection Results in Patients PHI Being Encrypted
Another healthcare provider has announced that a ransomware infection has resulted in patients’ protected health information being encrypted, and potentially accessed, by cybercriminals. The Susan M. Hughes Center, a provider of aesthetic medicine and cosmetic surgery services in New Jersey and Philadelphia, discovered ransomware had been installed on its computer system on August 30, 2016.…
Read More