Breach

EngageMED, a healthcare support system, filed notice of data breach. They recognized that an authorized part was able to access the company's IT network. This resulted in unauthorized access to names, addresses, dates of birth, Social Security numbers, medical information, health insurance information, and claim information.

A breach at Health Equity occurred because a user account of one of HealthEquity’s vendors was compromised and their password stolen, which was used by the malicious hacker to access the data repository.

​​​​​​​A roundup of todays HIPAA related news demonstrates that foreign actors such as North Korea and Iran are attacking the US with the latest news having an attack against healthcare and an attack against our political system.

To keep your network secure, your office must keep your software up-to-date. Software providers will release updates when there is an identified vulnerability. Ransomware such as Blast Basta will take advantage of these vulnerabilities if you do not patch quickly.

When a breach occurs, offices are required to notify the patients whose information may have been compromised in the breach. This is known as the Breach Notification Rule.

Under the HITECH Act, passed in 2009, the secretary is required to post all breaches affecting 500 or more patients to the internet. This applies to all medical providers and Business Associates. This web site is commonly referred to as the HIPAA Wall of Shame. You can find it at https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

Many cybersecurity events and breaches are the result of us failing to keep our computers and computer programs up to date. The process of keeping our systems up to date is known as PATCHING.

A HIPAA breach has lasting impacts. A breach will trigger an investigation and may result in civil penalties. A breach can erode the patient trust in the provider and the medical community. A breach also opens your office up for litigation.

Cybersecurity threats in 2021 were the largest ever. Experts anticipate that the digital environment in 2022 will be even more dangerous. The American Dental Association was hit by a cyberattack that stole personal information and disrupted services.

Patients have filed a lawsuit against SuperCare over a HIPAA Breach. SuperCare failed to maintain adequate security to protect patient records.