OCR Announces 20th Settlement Under Right of Access Initiative
The Office for Civil Rights (OCR) recently announced that it has entered into the 20th settlement under its Right of Access Initiative. The settlement with Children’s Hospital and Medical Center in...
Hospital Continues to Divert Patients Over a Week After Ransomware Attack
Eskenazi Health in Indianapolis has been diverting emergency department patients arriving by ambulance to other area hospitals since it shut down its network following a ransomware attack on August 4, 2021....
Fertility Clinic That Sent Sensitive Email to a Patient’s Work Group Faces Lawsuit
A fertility clinic in California cannot escape a lawsuit brought by a patient after the clinic sent private information to the individual’s entire work team. The clinic, Lane Fertility Institute for...
OCR Cybersecurity Newsletter Focuses on Controlling Access to ePHI
The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic personal health...
Connecticut Enacts Legislation to Incentivize Adoption of Cybersecurity Safeguards and Expand Breach Reporting Obligations
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state. Cybersecurity risks...
HHS Warns Hospitals to Fix Security Vulnerability in PACs
In a rare move, the Department of Health and Human Services (HHS) has issued a warning to hospitals and health systems to prioritize the patching of a two-year-old vulnerability in picture...
Las Vegas’ University Medical Center Hit with REvil Ransomware
University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems...
Diabetes, Endocrinology & Lipidology Center Becomes 19th Settlement with OCR for HIPAA Right-of-Access Violation
Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over allegations that it failed to provide timely...
OCR Announces Settlement with Clinical Lab for Alleged HIPAA Violations
The Office for Civil Rights (OCR) this week announced a settlement with Peachstate Health Management LLC (aka AEON Clinical Laboratories) following a compliance review that uncovered alleged violations of HIPAA. The...
Renown Health Pays $75,000 to Settle Right-of-Access Violation Under HIPAA
Renown Health, P.C. (Renown), a non-profit health system in Nevada, settled with the U.S. Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services in a matter...