HIPAA Breach News

Monument Inc., a New York-based online alcohol addiction and treatment service provider, has recently notified almost 109,000 individuals about an...

The Iowa Department of Health and Human Services (DHHS) has confirmed that the personal information of 20,815 Iowans who receive...

The White Plains, NY-based home healthcare provider, Unlimited Care Inc., was the victim of a cyberattack that caused disruption to...

Money Message Ransomware Group Leaks BrightSpring Health Services & PharMerica Data The Money Message ransomware group has recently listed the...

The Manchester, New Hampshire-based medical equipment company, NuLife Med, has agreed to settle a class action lawsuit that was filed...

CommonSpirit Health has issued an update about its October 2022 ransomware attack and has confirmed that patients from 164 facilities...

The Chippewa County Human Resources Division in Wisconsin has recently discovered that the laptop computer of an employee has been...

New research indicates virtually all U.S. hospitals have been using tracking software on their websites that captures visitor data, including...

Tallahassee Memorial Healthcare (TMH), a non-profit health system serving patients in North Florida and South Georgia, experienced a cyberattack in...

Montgomery General Hospital in West Virginia has suffered a cyberattack that saw unauthorized individuals gain access to its IT systems...

Several hospitals have started notifying patients about a data breach at the consulting company, Adelanto HealthCare Ventures (AHCV).  AHCV has...

New York Presbyterian Hospital has reported a 54K-record data breach due to website tracking tools, ransomware attacks have been reported...

A Georgia physician has avoided jail time for a HIPAA violation as part of a plea deal after illegally accessing...

Data breaches have recently been reported by Blue Shield of California, US Wellness Inc., Health Plan of San Mateo, and...

A round-up of data breaches that have recently been reported to the HHS’ Office for Civil Rights, state Attorneys General,...

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000...

Associates in Dermatology, a network of dermatology clinics in Indiana, Kentucky, and New York, has started notifying patients that some...

SundaySky, a New York-based provider of software solutions to businesses for creating marketing videos, has recently announced that unauthorized individuals...

The Federal Bureau of Investigation (FBI) has published its 2022 Internet Crime Report, which shows at least $10.3 billion was...

The number of healthcare data breaches reported over the past three months has remained fairly flat, with only a small...

The Birmingham, AL, Heart Hospital, Cardiovascular Associates, has recently announced that unauthorized individuals gained access to certain parts of its...

University of California (UC) San Diego Health is the latest healthcare organization to start notifying patients that some of their...

South Bend, IN-based Beacon Health System (BHS) says the medical records of 3,117 patients have been accessed by an employee...

Livonia, MI-based Trinity Health has confirmed that an unauthorized individual gained access to an employee email account and potentially viewed...

Florida Medical Clinic, NorthStar Emergency Medical Services, Denver Public Schools, Wichita Urology Group, and The Bone & Joint Clinic have...

The United States Department of Justice has agreed to settle alleged False Claims Act violations with Jelly Bean Communications Design...

Independent Living Systems, LLC (ILS), a Miami, FL-based provider of third-party administrative services to managed care organizations, has recently informed...

ZOLL Medical has recently announced that it has suffered a cyberattack in which the protected health information of more than...

The majority of HIPAA-covered entities, business associates, and healthcare employees take great care to ensure HIPAA Rules are followed, but...

Codman Square Health Center in Boston, MA, has confirmed that it was the victim of a ransomware attack in November...

The telehealth company, Cerebral Inc., has confirmed that pixels and other tracking technology on its website resulted in the impermissible...

In mid-February, Community Health Systems filed a report with the U.S. Security and Exchange Commission (SEC) confirming it had been...

The personal information of lawmakers and staffers has been stolen in a cyberattack on the health insurance marketplace, DC Health...

Asante, an Oregon-based health system with three hospitals and more than 30 primary care facilities, has started notifying certain patients...

Cedar Park, TX-based Dental Health Management Solutions (DHMS), a provider of dental services to the government/military and private patients has...

The Federal Trade Commission (FTC) has announced a settlement has been reached with the California-based online counseling service provider, BetterHelp...

Evergreen Treatment Services, a Washington-based provider of addiction treatment services, announced on February 13, 2023, that unauthorized individuals gained access...

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR)...

The Hutchinson Clinic Reports December 2022 Hacking Incident The Hutchinson, KS-based healthcare provider, The Hutchinson Clinic, has recently announced that...

January is usually one of the quietest months of the year for healthcare data breaches and last month was no...

Freehold Township, NJ-based CentraState Healthcare System has recently confirmed that its network was compromised by unauthorized individuals in December 2022....

Lehigh Valley Health Network (LVHN) in Pennsylvania has confirmed that it is dealing with a ransomware attack that was detected...

The HHS’ Office for Civil Rights (OCR) has published a report it sent to Congress that details its HIPAA enforcement...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has publicly released two reports that were submitted...

The American Civil Liberties Union of Rhode Island (ACLU of RI) has amended its complaint against the Rhode Island Public...

The October 2022 ransomware attack on CommonSpirit Health has cost the health system more than $150 million to date according...

The mobile pharmacy solution provider, mscripts, has recently announced that a misconfiguration of its cloud storage environment has exposed client...

Reventics Revenetics, a Greenwood Village, CO-based clinical documentation improvement and revenue cycle management company, has recently confirmed that hackers gained...

Teijin Automotive Technologies Says Welfare Plan Data Compromised in December Ransomware Attack Teijin Automotive Technologies has recently confirmed the protected...

Franklin, TN-based Community Health Systems has recently confirmed that it has been affected by a security incident at a cybersecurity...

The HIPAA breach notification requirements are important to know if an organization creates, receives, maintains, or transmits Protected Health Information...

The risk and financial advisory solution provider Kroll reports that healthcare has overtaken finance as the most breached industry, based...

Sharp HealthCare in San Diego has recently notified almost 63,000 patients that some of their personal and protected health information...

Regal Medical Group, a San Bernardino, CA-based affiliate of the Heritage Provider Network, recently announced that it was attacked with...

Pittsburg, PA-based Highmark Health, the second largest integrated delivery and financing system in the U.S., has recently announced that an...

Last Thursday, Tallahassee Memorial HealthCare (TMH) in Florida was forced to take its IT systems online, divert ambulances, and suspend...

The HHS’ Office for Civil Rights has announced its second financial penalty of 2023 to resolve alleged violations of the...

The most common HIPAA violations that have resulted in financial penalties are: Snooping on Healthcare Records Failure to Perform an...

When a data breach occurs and sensitive information is disclosed, the HIPAA Breach Notification Rule requires affected individuals to be...

The Department of Health and Human Services’ Office for Civil Rights is the main enforcer of HIPAA compliance; however, state...

UCLA Health Announces Pixel-Related Data Breach UCLA Health has recently started notifying approximately 94,000 patients about an impermissible disclosure of...

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has...

Logan Health has agreed to settle a class action lawsuit related to a 2021 hacking incident that exposed the protected...

Another lawsuit has been filed against CommonSpirit Health over its 2022 ransomware attack and data breach that alleges the nation’s...

For the first time since 2015, there was a year-over-year decline in the number of data breaches reported to the...

A round-up of data breaches that have recently been reported to the HHS’ Office for Civil Rights and state Attorneys...

A Washington therapist, Robert S. Miller LICSW, ACSW (RSM), has recently notified 640 current and former clients about a phishing...

The Massachusetts-based medical device company, Insulet Corporation, has recently notified 29,000 of its Omnipod DASH customers about a recent privacy...

Mayo Clinic has settled another lawsuit that stemmed from a data breach involving a former employee, who was discovered to...

The Dallas, TX-based home help service provider, Home Care Providers of Texas (HCPT), has recently announced that unauthorized individuals gained...

The number of reported healthcare data breaches declined for the second successive month, with 40 data breaches of 500 or...

West Oaks Eyecare – Ransomware Attack West Oaks Eyecare in Texas has notified 1,045 Texas residents that a malicious actor...

Multiple lawsuits have been filed against Massachusetts-based Shields Health Care Group, which suffered one of the largest healthcare data breaches...

The latest data released by the cybersecurity firm Check Point has confirmed that 2022 was a particularly bad year for...

The Hive ransomware-as-a-service (RaasS) operation has claimed responsibility for an attack on Consulate Health Care, a Florida-based chain of 140...

Captify Health has recently started notifying users of its Your Patient Advisor online service that their sensitive information has been...

Email accounts have been compromised at Legacy Hospice and Live Oak Surgery Center, and a University of Miami Health employee’s...

Maternal & Family Health Services in Eastern Pennsylvania has recently notified certain patients about an April 4, 2022, ransomware attack...

Washington Attorney General Bob Ferguson is suing a plastic surgery provider for falsely inflating online ratings, bribing, and threatening patients,...

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious...

The Chicago, IL-based social justice and human rights organization, Heartland Alliance, announced on December 15, 2022, that it was the...

Back in June 2022, HIPAA Journal reported on a cyberattack on Fitzgibbon Hospital in Marshall, MO, after being contacted directly...

The HHS’ Office for Civil Rights (OCR) has announced its first HIPAA enforcement action of 2023, which serves as a...

Fertility Centers of Illinois has proposed a $450,000 settlement to resolve a lawsuit filed on behalf of patients and employees...

A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health...

One of the questions we are sometimes asked is how to report a HIPAA violation anonymously. This is because, in...

Southwest Louisiana Health Care System, Inc. has confirmed that the protected health information of up to 269,752 patients of Lake...

Morley Companies has agreed to settle a class action lawsuit filed on behalf of individuals affected by a major data...

A round-up of data breaches that have recently been reported to the HHS’ Office for Civil Rights and state attorneys...

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting...

November was a relatively quiet month for healthcare data breaches with 31% fewer breaches reported than the previous month. November’s...

Work Health Solutions, a San Jose, CA-based occupational health services provider, has confirmed that the protected health information of 13,157...

Avem Health Partners, an Oklahoma City-based provider of administrative and technology services to healthcare organizations, has recently started notifying its...

The Orlando, FL-based primary care provider, Health Specialists of Central Florida Inc. (HSCF), has paid a $20,000 financial penalty to...

On November 14, 2022, Fairmont, WV-based Health Care Management Solutions (HMS) reported a data breach to the HHS’ Office for...

The HHS’ Office for Civil Rights (OCR) has announced a settlement has been reached with a Californian dental practice to...

CareFirst Administrators (CFA) has notified 14,538 individuals about a phishing attack on its revenue cycle management vendor, Conifer. CFA was...

The private information of visitors to telehealth websites is being shared with big tech companies without user consent due to...

Two healthcare organizations in Massachusetts have chosen to settle class action lawsuits that were filed by patients whose protected health...

Data breaches have recently been reported by Acuity Brands in Georgia, San Gorgonio Memorial Hospital in California, and Receivables Performance...

CommonSpirit Health has confirmed that the protected health information of at least 623,774 patients was exposed and potentially stolen in...

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected...

The COVID-19 vaccination statuses of approximately 500,000 Department of Veterans Affairs employees have been impermissibly disclosed. According to the VA,...

CommonSpirit Health has provided an update on its October 2022 ransomware attack and has confirmed that the threat actors behind...

The HHS’ Office for Civil Rights has issued a bulletin confirming that the use of third-party tracking technologies on websites,...

Health Care Management Solutions LLC, a West Virginia-based consulting company focused on improving care quality for vulnerable populations including veterans,...

One Brooklyn Health System is dealing with a cyberattack that has caused disruption at its three hospitals – Interfaith Medical...

Connexin Software Inc., which provides electronic medical records and practice management software (Office Practicum) to pediatric physician practice groups has...

A database containing the personally identifiable information (PII) of more than 16,000 children has been exposed over the Internet and...

Woodlawn, MD-based Hope Health Systems Inc. (HHS) has recently announced that it was the victim of a ransomware attack. The...

Pennsylvania-based Gateway Rehabilitation Center (Gateway Rehab) has recently announced that it experienced “an incident disrupting access to certain systems.” The...

Indiana-based Community Health Network is the latest healthcare provider to confirm that the protected health information of patients has been...

Doctors’ Center Hospital in Puerto Rico has recently notified the Department of Health and Human Services’ Office for Civil Rights...

The Rochester Hills, MI-based prosthetics, orthotics, and accessibility solution provider, Wright & Filippis, has recently announced that it was the...

October was the worst month of the year to date for healthcare data breaches, with 71 breaches reported and more...

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose...

Salud Family Health Provides Update on September 2022 Ransomware Attack Colorado-based Salud Family Health, a Federal Qualified Health Center (FQHC),...

Police Department of the City of New York Reports 21,500-Record Data Breach Unauthorized individuals have gained access to the email...

A former employee of Axia Women’s Health in Pennsylvania has been charged in a 39-count indictment for stealing patient information...

The medical claims processor, CorrectCare Integrated Health, has recently notified its clients that the protected health information of some of...

Five former employees of Methodist Hospital in Tennessee have been indicted by a federal grand jury in Memphis for criminal...

A New York-based physician-owned provider of administrative services to anesthesiology firms is facing several class action lawsuits over a cyberattack...

CommonSpirit Health has recently provided an update on the progress that has been made in recovering from an October 2022...

Ann & Robert H. Lurie Children’s Hospital has proposed a settlement to resolve a class action lawsuit filed in response...

USV Optical, a subsidiary of U.S. Vision, has recently confirmed that the information of patients at several entities within its...

St. Luke’s Health has recently notified 16,906 patients that some of their protected health information has been exposed in a security...

Oakbend Medical Center in Richmond, TX, and Keystone Health in Chambersburg, PA, are facing class action lawsuits over recent hacking...

Two class action lawsuits have been filed on behalf of patients whose protected health information (PHI) was impermissibly disclosed to...

Aveanna Healthcare has agreed to pay a $425,000 financial penalty to the Office of the Attorney General of Massachusetts for...

Several more providers of anesthesia services have confirmed they have been affected by a data breach at their management services...

The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has released a video presentation on its...

University of Michigan Health (Michigan Medicine) has recently announced that the protected health information of approximately 33,850 patients has potentially...

A Californian appellate court has recently confirmed the decision of the lower court to deny class action status for a...

The American Civil Liberties Union of Rhode Island (ACLU of RI) is taking legal action against the Rhode Island Public...

A round-up of healthcare data breaches that have recently been reported to the HHS’ Office for Civil Rights and State...

A former employee of Main Line Women’s Healthcare in Bryn Mawr, PA, was discovered to be accessing and photographing patient...

WakeMed Health and Hospitals, a health system with multiple healthcare facilities in metropolitan Raleigh, NC, has recently notified around 495,000...

63 data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights in September, bringing...

Another health system has announced that patient data has been impermissibly passed to Meta (Facebook) as a result of the...

The New York State Department of Financial Services (DFS) has agreed to settle an investigation of EyeMed Vision Care (EyeMed)...

Chambersburg, PA-based Keystone Health has recently announced that it fell victim to a cyberattack on August 19, 2022, which caused...

Austin, TX-based VisionWeb Holdings, a provider of Internet-delivered software solutions for the eye care industry for improving practice efficiency, has...

Radiology Associates of Albuquerque (aka RAA Imaging/Advanced Imaging, LLC) has recently notified patients that some of their protected health information...

Phoenix, AZ-based Valle del Sol Community Health has notified 70,268 patients that some of their protected health information has been...

A major data breach has occurred at the management services organization for multiple providers of anesthesia services to hospitals. According...

On October 3, 2022, CommonSpirit Health experienced a data security incident that forced it to take systems offline, including its...

United Health Centers of the San Joaquin Valley (UNC) has proposed a settlement to resolve a class action lawsuit filed...

Pennsylvania-based Aesthetic Dermatology Associates has recently confirmed that its network has been accessed by unauthorized individuals who potentially viewed and/or...

Cardiac Imaging Associates in Los Angeles, CA, has discovered an unauthorized individual has accessed an employee’s email account. The incident...

A former physician with practices in New Jersey, New York, and Florida has pleaded guilty to criminal violations of HIPAA...

A round-up of healthcare data breaches that have recently been reported to the HHS’ Office for Civil Rights, state attorneys...

Cytometry Specialists, Inc., doing business as CSI Laboratories in Alpharetta, GA, has recently announced that the email account of an...

Anthem has confirmed that the protected health information of certain plan members has been compromised in a data breach at...

An affiliate of the infamous Netwalker ransomware gang has been sentenced to serve 20 years in jail for his role...

Mon Health is facing a class action lawsuit over a hacking incident that allowed unauthorized individuals to gain access to...

LifeBridge Health Inc. has agreed to settle a class action lawsuit to resolve claims from patients affected by a data...

CommonSpirit Health is experiencing a data security incident that has affected many of its healthcare facilities. According to a statement...

Neurology Center of Nevada Cyberattack Impacts 11,700 Patients The Neurology Center of Nevada (NCNV), in Henderson, NV, has confirmed a...

FMC (Family Medicine Centers) Services, an Amarillo, TX-based network of primary care clinics in Amarillo and Canyon, has recently announced...

Magellan Health has agreed to settle a class action data breach lawsuit and will create a $1.43 million fund to...

Physician’s Business Office (PBO), a Parkersburg, WV-based provider of medical practice management and administrative services, has recently disclosed a security...

Humana has recently announced that the protected health information of 22,767 individuals has potentially been compromised in a security incident...

Wolfe Clinic, P.C in Iowa has recently confirmed that it was affected by the data breach at the electronic medical...

Lubbock Heart & Surgical Hospital in Texas has recently announced it was the victim of a hacking incident that resulted...

The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information...

For the third successive month, the number of healthcare data breaches reported to the Department of Health and Human Services’...

The New York Ambulance Service, Empress EMS (Emergency Medical Services), has confirmed it was the victim of a ransomware attack....

Ambry Genetics has agreed to settle a class action lawsuit that stemmed from a breach of the protected health information...

Medical Associates of the Lehigh Valley in Pennsylvania (MATLV) has announced that it recently fell victim to a sophisticated ransomware...

Over the Labor Day weekend, Oakbend Medical Center in Richmond, TX, suffered a ransomware attack. The attack started on Thursday,...

Birmingham, AL-based Henderson & Walton Women’s Center (HWWC) has recently notified 34,306 patients that some of their protected health information...

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an...

CorrectHealth Notifies 54,000 Patients About November 2021 Email System Breach Alpharetta, GA-based CorrectHealth, which provides healthcare services for inmates at...

The number of individuals affected by the ransomware attack on the Hartland, WI-based mailing and printing vendor, OneTouchPoint, has now...

Salida, CO-based First Street Family Health has suffered a destructive cyberattack, in which files containing patient information were exfiltrated and...

EmergeOrtho, a North Carolina orthopedic practice, has recently notified 68,661 patients that some of their protected health information has been...

Methodist McKinney Hospital in Texas has recently announced that its systems have been accessed by unauthorized individuals who removed files...

Onyx Technologies, a Largo, MD-based provider of Information Technology and Consulting Services and a vendor of Independent Care Health Plan...

The California Department of Corrections and Rehabilitation (CDCR) has recently discovered that unauthorized individuals have gained access to one of...

In July 2022, 66 healthcare data breaches of 500 or more records were reported to the Department of Health and...

Conifer Health Solutions Discovers Email Account Breach Conifer Health Solutions, a Frisco, TX-based provider of revenue cycle management and other...

Florida Orthopaedic Institute has proposed a $4 million settlement to resolve claims from patients affected by a 2020 data breach....

Practice Resources, a Syracuse, NY, provider of billing and other professional services, has suffered a data breach involving the records...

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained...

Novant Health has recently notified 1,362,296 patients about a breach of their protected health information due to the incorrect configuration of...

The Michigan-based health plan provider, Priority Health, has confirmed that it has been affected by a data breach at a...

Ransomware attacks are rife, hacking incidents are being reported at high levels, and there have been several very large healthcare...

Zenith American Solutions, a third-party administrator for the Sound Health and Wellness Trust, has recently notified individuals about a mailing...

Salinas Valley Memorial Healthcare System in California has agreed to settle a class action lawsuit for $340,000 to resolve claims...

Further information has been released on two cyberattacks on healthcare organizations: Goodman Campbell Brain and Spine and Behavioral Health Group....

First Choice Community Healthcare in Albuquerque, NM, has started notifying certain patients that an unauthorized individual gained access to its...

Dental Care Alliance has agreed to settle a class action lawsuit filed in response to a data breach that affected...

The Oklahoma City home health provider, Healthback Holdings, has started notifying 21,114 individuals that some of their protected health information...

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their...

The health insurer Aetna ACE is one of the latest healthcare organizations to announce it has been affected by a...

St. Luke’s Health System in Boise, ID, has recently reported a data breach to the HHS’ Office for Civil Rights...

Meta is facing another class action lawsuit over the unlawful collection and sharing of health data without content. The lawsuit...

A major data breach has been reported that has affected dozens of healthcare, rehabilitation, and senior living facilities in Oregon,...

The average cost of a healthcare data breach has reached double digits for the first time ever, according to the...

A round-up of data breaches that have recently been reported to the HHS’ Office for Civil Rights and state Attorneys...

A cyberattack and data breach cost Tenet Healthcare $100 million in lost revenue and mitigation costs in Q2, 2022. Dallas,...

Benson Health in North Carolina has recently started notifying 28,913 patients that some of their protected health information was potentially...

The U.S Department of Justice has announced that around $500,000 in Bitcoin has been seized from North Korean threat actors...

The Methodist Hospitals Inc. has agreed to settle a class action lawsuit and has created a fund of $425,000 to...

June 2022 saw 70 HIPAA compliance data breaches of 500 or more records reported to the Department of Health and...

BJC HealthCare has agreed to settle a class action lawsuit to resolve claims it failed to adequately protect patient data...

The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has announced that Oklahoma State University –...

The Winston-Salem, NC-based managed behavioral health organization, Carolina Behavioral Health Alliance (CBHA), the administrator of behavioral health benefits for Wake...

Tenet Healthcare and Baptist Health are facing a class action lawsuit over a recently reported data breach that affected 1.2...

Montana-based Associated Eye Care Partners (AECP) has recently started notifying patients that their private health information was compromised in a...

Phoenixville Hospital Fires Employee for HIPAA Violation Phoenixville Hospital in Pennsylvania has recently fired an employee for accessing the medical...

Health Aid of Ohio has agreed to settle a class action lawsuit to resolve claims that it failed to protect...

Roanoke, VA-based Benefit Plan Administrators Inc., has recently notified 3,775 individuals that an unauthorized individual gained access to its network...

A lengthy privacy violation has been detected by Virginia Commonwealth University Health System (VCU Health) that potentially started on January...

University Pediatric Dentistry in Buffalo, NY, has started notifying 6,843 patients that some of their protected health information has been...

A major data breach has been reported by the Greeley, CO-based accounts receivable management company, Professional Finance Company Inc. (PFC)...

On June 25, 2022, a spokesperson for a threat group called DAIXIN Team contacted HIPAA Journal to share information about...

Aliso Viejo-based Covenant Care California, an operator of skilled nursing facilities and a provider of home health services in California...

The Government Accountability Office (GAO) has recommended that the Department of Health and Human Services (HHS) establish a feedback mechanism...

In 2021, the Federal Bureau of Investigation (FBI) helped Boston Children’s Hospital mitigate a cyberattack by Iranian state-sponsored hackers before...

Texas Tech University Health Sciences Center has confirmed that the protected health information of 1,290,104 patients was compromised in a...

Patient Information Potentially Compromised in Atrium Health Phishing Attack A phishing incident has been reported by Charlotte, NC-based Atrium Health...

University of Pittsburgh Medical Center has agreed to settle a class action data breach lawsuit and will make $450,000 available...

PHI of Almost 69,000 Individuals Compromised in Hacking Incident at Comstar Comstar, a Rowley, MA-based provider of ambulance billing, collection,...

May 2022 saw a 25% increase in healthcare data breaches of 500 or more records. 70 data breaches of 500...

Lake Mary, FL-based Central Florida Inpatient Medicine (CFIM) has recently discovered that the email account of an employee has been...

MCG Health Announces Data Theft Incident Affecting 1.1 Million Individuals MCG Health in Seattle, WA, a provider of patient care...

Kaiser Permanente, one of the largest nonprofit health plan and healthcare providers in the United States, has reported a breach...

Yuma Regional Medical Center (YRMC) in Arizona has announced it was the victim of a ransomware attack in April in...

Aesto Health, a Birmingham, AL-based software company that provides solutions to help healthcare enterprises and medical providers exchange, organize, and...

Allaire Healthcare Group and Platinum Hospitalists have recently announced that an unauthorized individual has gained access to an employee email...

The protected health information of up to 2 million individuals has potentially been compromised in a Shields Health Care Group...

Ransomware attacks on healthcare organizations increased by 94% year over year, according to the 2022 State of Ransomware Report from...

Alameda Health System in California, Capsule pharmacy in New York, and Aon PLC in Illinois have recently reported data breaches...

Allwell Behavioral Health Services in Zanesville, OH, has announced that a computer system used to store quality assurance information related...

BJC HealthCare, a non-profit healthcare organization based in St. Louis, MO, has started notifying certain patients that some of their...

A class action lawsuit filed against NorthEast Radiology PC and Alliance HealthCare Services over a data breach that exposed the...

An information technology consultant who worked as a contractor at a suburban healthcare company in Chicago has been charged with...

Oswego County Opportunities (OCO) in New York has announced that a limited number of employee email accounts were recently accessed...

Social Action Community Health System (SAC Health) has recently notified 149,940 patients that documents containing their protected health information were...

Unauthorized individuals have gained access to the systems of Eye Care Leaders, a provider of electronic health records and patient...

In March 2022, Partnership HealthPlan of California (PHC) announced that third-party forensic specialists had been engaged to help restore the...

After four successive months of declining numbers of data breaches, there was a 30.2% increase in reported data breaches. In...

A $9.76 million settlement proposed by Solara Medical Supplies to resolve a class action lawsuit related to a 2019 data...

Cleveland, OH-based Parker-Hannifin Corporation, a manufacturer of motion and control technologies, has recently announced that unauthorized individuals have gained access...

The Irving, TX-based nonprofit health system, Christus Health, which operates more than 600 healthcare facilities in Texas, Arkansas, Louisiana, and...

The Manchester, NH-based medical equipment company, NuLife Med LLC, has recently announced it was the victim of a cyberattack in...

Refuah Health Center in New York has recently started notifying 260,740 patients about a security breach that occurred almost a...

McKenzie Health System in Sandusky, MI, has recently started notifying 25,318 patients that some of their protected health information has...

Illinois Gastroenterology Group has recently announced that unauthorized individuals gained access to its computer environment and potentially accessed and exfiltrated...

Healthplex Inc., one of the largest providers of dental insurance in New York state, has announced that the email account...

Salusive Health, the developer of the myNurse platform which helps physician practices streamline disease management, has experienced a cyberattack in...

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft...

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number...

The American Dental Association (ADA) suffered a cyberattack on Friday and has been forced to take many of its systems...

A preliminary settlement has recently been approved by a California Federal court to resolve a consolidated class action lawsuit against...

Security incidents have recently been reported by Georgia Pines CSB and Ballard Health, which have involved the protected health information...

An Adaptive Health Integrations data breach has recently been reported to the Department of Health and Human Services’ Office for...

For the fourth successive month, the number of reported healthcare data breaches has fallen. In March 2022, 43 HIPAA compliance...

Immediate intervention following an instance of unauthorized access to protected health information (PHI) by a healthcare employee is 95% effective...

Indiana-based Deaconess Health System and Blue Earth County in Minnesota have notified individuals that sensitive personal information has been accessed...

Newman Regional Health (NRH), which operates a 25-bed critical access hospital in Emporia, KS, has recently started notifying 52,224 patients...

Urgent Team Holdings, which operates more than 70 urgent care and walk-in centers in Alabama, Arkansas, Georgia, Mississippi, and Tennessee,...

A lawsuit has been filed against the in-home respiratory care provider, SuperCare Health, over a cyberattack and data breach that...

Resources for Human Development Reports Breach Affecting 46,673 Individuals The Philadelphia, PA-based national human services nonprofit organization, Resources for Human...

The law firm BakerHostetler has published its 8th Annual Data Security Incident Response (DSIR) Report, which provides insights based on...

Charleston Area Medical Center Breach Affects 54,000 Patients Charleston Area Medical Center (CAMC) in Charleston, WV, has recently announced it...

SuperCare Health, a Downey, CA-based post-acute, in-home respiratory care provider serving the Western United States, has recently started notifying 318,379 patients that...

The Department of Health and Human Services’ Office for Civil Rights has released a Request for information (RFI) related to...

Partnership Health Plan of California Recovering from Suspected Ransomware Attack The Fairfield, CA-based nonprofit managed care health plan, Partnership Health...

Spokane Regional Health District (SRHD) in Washington has once again fallen victim to a phishing attack. For the second time...

Email Account Breach Reported by Christie Clinic Christie Business Holdings Company, P.C., doing business as Christie Clinic, has recently announced...

Oklahoma City Indian Clinic and Law Enforcement Health Benefits Inc. have confirmed they were recent victims of cyberattacks, both of...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its first financial penalties of 2022...

Three email incidents have recently been reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada that have...

Horizon Actuarial Services, Clinic of North Texas, and Parkland Community Health Plan have recently announced breaches of the protected health...

Chelan Douglas Health District in East Wenatchee, WA, has announced it was the victim of a cyberattack in July 2021...

New Jersey Brain and Spine (NJBS) has recently announced it was the victim of a cyberattack on or around November...

For the third successive month, the number of data breaches reported to the HHS’ Office for Civil Rights (OCR) has...

On March 17, 2022, Dallas, TX-based JDC Healthcare Management, which runs more than 70 Jefferson Dental & Orthodontics practices throughout...

Cyberattacks have been reported by Duncan Regional Hospital in Oklahoma and Central Indiana Orthopedics that have affected a total of...

Capital Region Medical Center (CRMC) in Jefferson City, MO has recently confirmed that patient information was accessed by unauthorized individuals...

South Denver Cardiology Associates (SDCA) has recently announced it was the victim of a cyberattack in January 2022 in which...

Legal action is being taken against Logan Health and subsidiary, sister, and related entities over a data breach that occurred...

Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data...

A round-up of 6 cyberattacks that have recently been reported by healthcare providers and business associates that resulted in the...

Over 500,000 individuals have been affected by cyberattacks on Norwood Clinic, PracticeMax, Central Indiana Orthopedics, and an unauthorized electronic medical...

Email account breaches have been reported by Montrose Regional Health, EPIC Pharmacy Network, and Acacia Network, and North Shore University...

A round-up of data breaches that have recently been reported by healthcare organizations that have involved the exposure or theft...

West Virginia-based Monongalia Health System (Mon Health) has announced it was the victim of a cyberattack that has exposed patient,...

In a recent blog post, Director of the HHS’ Office for Civil Rights, Lisa J. Pino, urged HIPAA-regulated entities to...

The Houston Health Department has recently announced that the personal information and COVID-19 test results of 10,291 individuals have been...

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure...

Two HIPAA-regulated entities have recently started notifying individuals whose protected health information was potentially compromised in cyberattacks that occurred more...

Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file...

50 healthcare data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights (OCR) in...

Seattle, WA-based Sea Mar Community Health Centers is facing a class action lawsuit over a cyberattack in which the protected...

The Health Insurance Portability and Accountability Act’s (HIPAA) Breach Notification Rule places a strict time limit on issuing notifications to...

Morley Companies, a Saignaw, MI-based provider of business services, has recently announced it was the victim of a cyberattack that...

Philadelphia FIGHT Community Health Centers has recently announced it was the victim of a cyberattack on November 30, 2021. Third-party...