HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack for $40,000 and a Corrective Action Plan with OCR Monitoring

HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under the media radar at the time. DataBreaches was not even aware that it was a ransomware attack…

HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million

Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Montefiore Medical Center, a non-profit hospital system based in New York City for several potential violations of the Health Insu…

CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector

Today, CISA released the Mitigation Guide: Healthcare and Public Health (HPH) Sector as a supplemental companion to the HPH Cyber Risk Summary, published July 19, 2023. This guide provides defensive mitigation strategy recommendations and best practice…

HHS announces its first settlement in a ransomware case: Doctors’ Management Services

From HHS, this interesting press announcement: Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’ Manag…

OCR Releases Cybersecurity Video: How the HIPAA Security Rule Can Help Defend Against Cyber-Attacks

In recognition of National Cybersecurity Awareness Month, OCR has produced a new video this October for organizations covered under the HIPAA Rules on how the HIPAA Security Rule can help regulated entities defend against cyber-attacks. The video is av…

October 31: OCR Webinar on The HIPAA Security Rule Risk Analysis Requirement

From HHS OCR: OCR Webinar on The HIPAA Security Rule Risk Analysis Requirement Threats and vulnerabilities to electronic protected health information (ePHI) in today’s healthcare environment are numerous and varied. ePHI is under constant threat from m…

HIPAA requires employers to sanction employees who violate HIPAA. Did you know that?

From HHS’s October cybersecurity newsletter: Last year, the Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) released a threat brief on the different types of social engineering that hackers us…

Inmediata settles multi-state litigation for $1.14 million; will improve data security and breach notification practices

Indiana Attorney General Rokita led a coalition of 33 attorneys general in a multi-state investigation and litigation against health care clearinghouse Inmediata stemming from a breach disclosed in 2019. Background In January 2019, HHS OCR alerted Inme…