Protenus, a Baltimore-based healthcare compliance analytics company, has released its annual Breach Barometer. It measured 758 health data breaches reported to the Department of Health and Human Services (HHS), the media, or some other source during 2020.
Cancer Treatment Centers of America and Midwestern Regional Medical Center (CTCA) based in Zion, Illinois, reported a breach last month potentially affecting 104,808 individuals, according to the Office for Civil Rights (OCR) breach report.
Hacking incidents in healthcare increased dramatically as organizations dealt with the novel coronavirus (COVID-19) pandemic throughout 2020, according to a recent report from Protenus, a Baltimore-based healthcare analytics company.
Mobile Anesthesiologists, an Illinois-based company offering healthcare services throughout the country, reported a breach in March affecting 65,403 individuals, according to the Office for Civil Rights breach report.
Q: Is it considered a HIPAA violation for facilities to keep patient charts outside of exam rooms or at a patient's bedside? Most providers prefer to have the charts handy to review just before seeing the patient. However, anyone could walk by the room and potentially get a glance at the information. Would this be considered an incidental disclosure?
Cybercrime is up in the healthcare industry, and it’s a good idea to make sure you’re ready to respond to cyber incidents. The key to speedy mitigation is to have a security incident response plan, test the plan, and make sure it works as you exercise it. Having a plan is also a HIPAA Security Rule requirement.
As ransomware attacks and phishing attempts persist in the age of the coronavirus (COVID-19), healthcare organizations have correctly poured many resources into combatting these attacks. However, as always, cybercriminals are finding new ways to access protected health information (PHI).
One year into the coronavirus (COVID-19) pandemic, phishing attacks against healthcare organizations remain a chief concern. Threat actors are constantly finding new vulnerabilities to exploit. It’s like a game of whack-a-mole: When healthcare organizations swat away one problem, another pops up.
Q: If an individual provides authorization for a disclosure, can the individual later revoke the authorization? Is the covered entity (CE) then required to “take back” or demand the erasure of any documentation by third parties that may have been made following the original authorization?
