New Jersey Spine Center Pays Ransom to Unlock EHR System
The New Jersey Spine Center has reported it has suffered a ransomware attack that resulted not only in the electronic health records of patients being encrypted, but also its backup files. The infection also disabled the spine center’s phone system. The ransomware was installed on July 27, 2016, and while the organization’s antivirus software did detect…
Read MoreUPDATED SECURITY RISK ASSESSMENT TOOL RELEASED BY ONC
OCR prefers to settle HIPAA compliance issues through voluntary compliance and non-punitive means, although financial penalties are now becoming more commonplace. If OCR investigators uncover HIPAA violations, financial penalties may be issued. Fines of up to $1.5 million can be issued for each violation category discovered. One of the most common reasons for a financial…
Read MoreTexas Doctor Resentenced to Prison Following Appeal
TYLER, Texas – A 65-year-old Dallas County, Texas, physician, has been resentenced to federal prison for health care fraud and identity theft violations in the Eastern District of Texas, announced U.S. Attorney John M. Bales. In July 2014, Tariq Mahmood, of Cedar Hill, Texas, was found guilty by a jury of conspiracy to commit health…
Read MoreDoctor Sentenced to 4 Years in Prison for Falsely Certifying Patients Were Terminally Ill
LOS ANGELES – A doctor from Pasadena who falsely certified that at least 79 Medicare and Medi-Cal patients were qualified for hospice care because they were terminally ill – when, in fact, the vast majority of them were not dying – has been sentenced to four years in federal prison. Boyao Huang, 43, was sentenced…
Read MoreFormer Hospital Employee Sentenced to 3 Years in Federal Prison for Stealing PHI and Filing Fraudulent Tax Returns
Tampa, Florida – U.S. District Judge Susan C. Bucklew today sentenced Shanakia Benton to three years in federal prison for wrongful disclosure of individual identifiable health information and wire fraud. As part of her sentence, the Court also entered a money judgment in the amount of $77,239, the proceeds of the wire fraud. Benton pleaded…
Read MoreMedical company has to pay ransom to regain access to files encrypted by cybercriminals
Marin Medical Practices Concepts (MMPC), a Novato, CA-based provider of EMR and medical billing services, has announced that its systems were recently taken out of action by ransomware. Cybercriminals succeeded in installing ransomware on its network on July 27, 2016. While patient data were not encrypted, physicians were prevented from accessing patient data as the…
Read MoreOCR announces largest ever HIPAA settlement with a single covered entity
Last month, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced two large settlements with covered entities to resolve alleged HIPAA violations. However, even the $2.7 million and $2.75 million settlements at OHSU and UMMC were small in comparison to the latest enforcement action. OCR has just announced it has agreed…
Read MoreDoctor Heads to Prison for Home Health Care Fraud
Today, U.S. District Judge David Hittner, who presided over the trial, handed Dailey a 63-month sentence. He was further ordered to pay restitution of $913,620. Dailey will also be required to serve a term of three years of supervised release following completion of the prison term. At trial, the jury heard that from approximately 2009…
Read MoreOCR Phase 2 HIPAA Audits: Documentation Requests Issued
The Department of Health and Human Services’ Office for Civil Rights (OCR) has now selected covered entities from its pool of eligible organizations and has chosen 167 for a HIPAA compliance audit. Covered entities selected for a compliance audit have now been notified by email. Those organizations now have just 10 days to respond to…
Read MoreWidespread HIPAA vulnerabilities result in $2.7 million settlement with Oregon Health & Science University
Oregon Health & Science University (OHSU) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules following an investigation by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) that found widespread and diverse problems at OHSU, which will be…
Read More