OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace

September 30, the US Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help the public understand when the Health Insurance Portability and Accountability…

Read More »

UC San Diego Health sued over data breach that may have exposed records of 500,000 patients

UC San Diego Health faces a lawsuit over a data breach last winter that potentially exposed sensitive information from nearly a half-million patients, employees and others connected with the healthcare…

Read More »

Key Differences between PHI and PII, How They Impact HIPAA Compliance

Personally identifiable information (PII) and protected health information (PHI) may seem similar on the surface, but key distinctions set them apart.

Read More »

OCR Resolves Twentieth Investigation in HIPAA Right of Access Initiative with $80,000 Settlement

The Office for Civil Rights (OCR) at the US Department of Health and Human Services announces the resolution of its twentieth investigation in its HIPAA Right of Access Initiative. OCR…

Read More »

Ransomware attack wipes out Arizona clinic’s EHR, corrupts 35,000 patients’ records

Queen Creek, Ariz.-based Desert Wells Family Medicine recently began notifying 35,000 patients that their EHR data was compromised by a ransomware attack.

Read More »

MA Hospital Faces Class Action Suit after Paying Ransomware Attackers

A Massachusetts-based hospital is facing a class action lawsuit after a ransomware attack in February that impacted over 35,000 individuals and put personally identifiable information (PII) in jeopardy.

Read More »

Lawsuit Filed against Illinois Medical Group after Cyberattack That May Have Compromised Patient Data

Two patients have filed a lawsuit seeking class-action status against DuPage Medical Group just days after the physicians’ group said it was notifying 600,000 patients that their personal information may…

Read More »

98K Patients, Employees Impacted by Oklahoma Provider Data Breach

Oklahoma-based CareATC announced that it fell victim to a provider data breach that jeopardized the personally identifiable information (PII) and protected health information (PHI) of over 98,000 patients, employees, and dependents of patients…

Read More »

Ransomware Attack in Indiana Affects 49K Patients

A ransomware attack on an Indiana-based ear, nose, throat, sinus, and hearing center this summer may have exposed the personal health information of nearly 50,000 people.

Read More »

Hackers Leak Indianapolis Hospital’s Data Online after Ransomware Attack

Nearly three weeks after experiencing a ransomware attack on its IT network, Indianapolis-based Eskenazi Health is notifying patients that hackers have posted some of the stolen data online.

Read More »