The HIPAA Journal

MARCH 19, 2025

The compromised email account was reviewed and found to contain patients full names, addresses, dates of birth, medical and treatment information, dates of service, provider and facility names, procedure codes, billing and claims information, patient account identifiers, and payor information.

HIPAA

The HIPAA Journal

JULY 22, 2025

Specialty Networks LLC, a Cardinal Health company that provides radiology information systems and PPS analytics to urology, gastroenterology, and rheumatology practices to improve patient outcomes, has agreed to settle a class action lawsuit stemming from a 2023 data breach. Million appeared first on The HIPAA Journal.

HIPAA

The HIPAA Journal

JULY 11, 2025

The stolen information included names, Social Security numbers, taxpayer identification numbers, medical or health insurance information, and other sensitive information. The affected individuals were notified about the data breach on March 14, 2023.

Follow-Up

The HIPAA Journal

APRIL 1, 2025

On October 9, 2023, Azura Vascular Care identified suspicious network activity, with the forensic investigation confirming that hackers had access to its network between September 27, 2023, and October 9, 2023, during which time they potentially stole the protected health information of patients.

HIPAA

The HIPAA Journal

APRIL 17, 2025

The first unauthorized access occurred in February 2021 and continued until February 2023. When the privacy breach was detected, the matter was investigated internally, and the physical therapist was fired, although the lawsuit alleges KU Health failed to notify law enforcement about the illegal medical record access.

Patient Records

The HIPAA Journal

JULY 11, 2025

From the information collected, third parties could infer that a patient was being treated for a specific medical condition, such as cancer, pregnancy, or addiction. The class consists of more than 819,000 consumers who had a MyChart patient portal account between January 1, 2020, and December 31, 2023.

HIPAA

CollaborateMD

FEBRUARY 20, 2025

billion in 2023, is forecasted to grow to 5.06 make sure items like medications and PPE are always in stock). By streamlining workflows, like the medical billing process, CollaborateMD helps providers utilize reporting tools that simplify revenue cycle management, reimbursing them faster. billion by 2030.

Patient Care

The HIPAA Journal

MARCH 19, 2025

An investigation was launched which revealed an unauthorized third party had access to the email account for 2 months since November 6, 2023, and other email accounts may also have been accessed. The post Email Account Breaches Reported by Access TeleCare & Madison County, MS appeared first on The HIPAA Journal.

HIPAA

The HIPAA Journal

MARCH 31, 2025

Personal data is defined as any information linked or reasonably linkable to a Virginia resident, excluding publicly available information, protected health information covered by HIPAA, health records, patient identifying information, and other information relating to compliance with various other federal laws.

HIPAA

The HIPAA Journal

DECEMBER 24, 2022

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. In addition to financial penalties, covered entities are required to adopt a corrective action plan to bring policies and procedures up to the standards demanded by HIPAA. .

HIPAA

The HIPAA Journal

JULY 9, 2024

The Houston, TX-based medical device company, LivaNova, is facing multiple class action lawsuits over an October 2023 cyberattack that exposed the protected health information of 180,000 patients. The post LivaNova Facing Multiple Class Action Lawsuits Over October 2023 Cyberattack appeared first on The HIPAA Journal.

HIPAA

The HIPAA Journal

APRIL 23, 2024

Kisco Senior Living experienced its attack in June 2023, and Island Ambulatory Surgery Center suffered an attack in July. According to the notification letters mailed to the affected individuals in April 2024, a cyberattack was detected on June 6, 2023, when its network was disrupted.

HIPAA

The HIPAA Journal

APRIL 27, 2025

HIPAA violation cases are compliance investigations that result from a data breach being notified to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) or a privacy complaint being submitted to OCR via the complaints portal. There are many different types of HIPAA violation cases.

HIPAA

The HIPAA Journal

APRIL 30, 2024

The medical device manufacturer Livanova, the Massachusetts community behavioral health center Aspire Health Alliance, and Santa Rosa Behavioral Healthcare Hospital in California have experienced ransomware attacks that exposed patient data. million in Q4, 2023, as a result of the attack.

HIPAA

The HIPAA Journal

APRIL 22, 2024

Email accounts have been compromised at the University of Wisconsin Hospitals and Clinics Authority and the Medical Home Network in Illinois. 20, 2023, and Dec. Suspicious activity was identified in MHN’s email environment on or around October 11, 2023.

Medication

The HIPAA Journal

APRIL 25, 2024

Several class action lawsuits have been filed against City of Hope National Medical Center, a National Cancer Institute (NCI)-designated cancer treatment and research center, over a recently disclosed data breach that exposed the protected health information of more than 827,000 individuals.

Medication

The HIPAA Journal

MARCH 20, 2025

The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) started publishing summaries of healthcare data breaches on its website. On January 22, 2023, the breach portal listed 857 data breaches as still; under investigation.

Business Associate

The HIPAA Journal

MAY 6, 2024

Marlton, NJ-based Continuum Health Alliance has recently confirmed that it has experienced a security incident that exposed the data of 377,119 patients of its client, Consensus Medical Group, a physician-owned medical group in Evesham, NJ.

Medication

The HIPAA Journal

APRIL 23, 2024

March was a particularly bad month for healthcare data breaches with 93 branches of 500 or more records reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), a 50% increase from February and a 41% year-over-year increase from March 2023.

Business Associate

The HIPAA Journal

MAY 30, 2025

Bradford Health Services, Alabama Bradford Health Services in Birmingham, Alabama, has issued a May 30, 2025, notice about a data security incident that was detected more than 18 months ago on December 8, 2023. Data compromised in the incident included names, addresses, and information related to medical tests.

Tests

Health Prime

AUGUST 22, 2024

Medical coding consists of transforming healthcare diagnoses, procedures, medical services, and equipment into universal alphanumeric codes. According to Grand View Research , the medical coding market is expected to grow at a compound annual growth rate (CAGR) of 9.85% from 2023 to 2030.

Medical Coding

The HIPAA Journal

MAY 13, 2025

The Michigan House of Representatives has passed a bill ( HB 4242 ) that seeks to protect the sensitive health data of state residents from foreign entities of concern by requiring electronic medical records to be stored in the United States or Canada. The bills will now be considered by the Senate.

Billing

The HIPAA Journal

JULY 4, 2024

SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of Health Services has announced a breach of the personal information of 19,150 Medicaid recipients. SkinCure Oncology believes files in those email accounts were viewed and potentially obtained in the attack.

Medical History

The HIPAA Journal

JULY 9, 2024

SouthCoast Health and Privia Medical Group in Georgia have notified patients about a cyberattack and data breach that occurred in June 2023. The post SouthCoast Health; Call 4 Health Notify Patients About Cyberattacks appeared first on The HIPAA Journal. During that time, files on the network were viewed or copied.

Triage

Health Prime

JANUARY 22, 2025

Department of Health and Human Services (HHS) released a Notice of Proposed Rulemaking (NPRM) to modify the Health Insurance Portability and Accountability Act (HIPAA) Security Rule of 1996. This is the first HIPAA Security rule update since 2013. From 2018-2023, reports of significant breaches increased by 102%.

HIPAA

Health Prime

JANUARY 22, 2025

Department of Health and Human Services (HHS) released a Notice of Proposed Rulemaking (NPRM) to modify the Health Insurance Portability and Accountability Act (HIPAA) Security Rule of 1996. This is the first HIPAA Security rule update since 2013. From 2018-2023, reports of significant breaches increased by 102%.

HIPAA

The HIPAA Journal

APRIL 26, 2024

Los Angeles County Department of Health Services’ employees were targeted in a recent phishing campaign, and almost 2,800 Catholic Medical Center patients have been affected by a data breach at one of its vendors. diagnosis/condition, treatment, test results, medications), and/or health plan information.

Business Associate

The HIPAA Journal

APRIL 29, 2024

On September 14, 2023, RMN notified HAPG that it had identified suspicious activity on its network, including in the systems it manages for HAPG. Million Record MSP Data Breach appeared first on HIPAA Journal. The post Health Data Analytics Firm Reports 1.1-Million

HIPAA

The HIPAA Journal

OCTOBER 30, 2024

The New York multi-site medical practice, Albany ENT & Allergy Services, has agreed to pay a $500,000 financial penalty to the state of New York and will invest $2.25 The first intrusion involved ransomware and was discovered on March 27, 2023, when files were encrypted. The compromised systems contained the records of 213.

HIPAA

The HIPAA Journal

JULY 5, 2024

An investigation was launched in November 2023, when unauthorized access was suspected. The post Insider Breaches Reported by Providence Mission Heritage Endocrinology & Samaritan Health Services appeared first on The HIPAA Journal.

HIPAA

The HIPAA Journal

OCTOBER 29, 2024

billion in MA risk-adjusted payments were made for 2023 and that 80% of those payments were made to just 20 MA companies. In fiscal year 2023, the CMS identified $12.7 In fiscal year 2023, the CMS identified $12.7 HHS-OIG estimates that around $7.5 The CMS only concurred with the last recommendation.

Follow-Up

The HIPAA Journal

JULY 5, 2024

An investigation was launched which determined that between November 2, 2023, and March 29, 2024, the vendor accessed and downloaded information from a Kairos database. The post Protected Health Information Stolen in HealthEquity SharePoint Breach appeared first on The HIPAA Journal.

HIPAA

Health Populi

APRIL 17, 2023

The bill expands privacy protections for Washington State’s health citizens beyond HIPAA’s provisions. The ethos of the name and the intent of this law is a perfect vision for considering what we hear and learn this week coming out of the 2023 HIMSS Annual Conference as the meeting kicks off today. First, the law.

HIPAA

The HIPAA Journal

JULY 3, 2024

They confirmed that an unauthorized actor gained access to its network on October 8, 2023, and maintained access until the breach was detected. The post Texas Retina Associates Cyberattack Affects 312,000 Patients appeared first on The HIPAA Journal.

HIPAA

The HIPAA Journal

NOVEMBER 6, 2024

Data breaches have recently been announced by Axis Health System in Colorado, Gandara Mental Health Center in Massachusetts, Valleygate Dental Surgery Centers in North Carolina, and Family Medical Center in Maryland. The intrusion was detected on March 9, 2023, when ransomware was used to encrypt files.

HIPAA

The HIPAA Journal

MAY 1, 2024

While ransomware groups were a major threat in 2023 and were behind some of 2023’s largest data breaches, there was a slight decline in attacks year-over-year. Verizon said threat actors are increasingly targeting personal information over medical data.

Follow-Up

Physicians Practice

JULY 24, 2025

Reynolds Blog Article Explore the intersection of HIPAA violations and the False Claims Act, highlighting compliance strategies to mitigate legal risks in healthcare. Hence, underscoring that alleged HIPAA violations are material and can be the basis of a FCA case. Rose, JD, MBA Fact checked by Keith A.

HIPAA