News
OCR Announces 20th Settlement Under Right of Access Initiative

The Office for Civil Rights (OCR) recently announced that it has entered into the 20th settlement under its Right of Access Initiative. The settlement with Children’s Hospital and Medical Center in...

Read more
News
Hospital Continues to Divert Patients Over a Week After Ransomware Attack

Eskenazi Health in Indianapolis has been diverting emergency department patients arriving by ambulance to other area hospitals since it shut down its network following a ransomware attack on August 4, 2021....

Read more
News
Fertility Clinic That Sent Sensitive Email to a Patient’s Work Group Faces Lawsuit

A fertility clinic in California cannot escape a lawsuit brought by a patient after the clinic sent private information to the individual’s entire work team. The clinic, Lane Fertility Institute for...

Read more
News
OCR Cybersecurity Newsletter Focuses on Controlling Access to ePHI

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic personal health...

Read more
News
Connecticut Enacts Legislation to Incentivize Adoption of Cybersecurity Safeguards and Expand Breach Reporting Obligations

On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state. Cybersecurity risks...

Read more
News
HHS Warns Hospitals to Fix Security Vulnerability in PACs

In a rare move, the Department of Health and Human Services (HHS) has issued a warning to hospitals and health systems to prioritize the patching of a two-year-old vulnerability in picture...

Read more
News
Las Vegas’ University Medical Center Hit with REvil Ransomware

University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems...

Read more
News
Diabetes, Endocrinology & Lipidology Center Becomes 19th Settlement with OCR for HIPAA Right-of-Access Violation

Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over  allegations that it failed to provide timely...

Read more
News
OCR Announces Settlement with Clinical Lab for Alleged HIPAA Violations

The Office for Civil Rights (OCR) this week announced a settlement with Peachstate Health Management LLC (aka AEON Clinical Laboratories) following a compliance review that uncovered alleged violations of HIPAA. The...

Read more
News
Renown Health Pays $75,000 to Settle Right-of-Access Violation Under HIPAA

Renown Health, P.C. (Renown), a non-profit health system in Nevada, settled with the U.S. Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services in a matter...

Read more