According to this article, 2021 has been a “particularly dire year” for health care data breaches. So, it may not seem shocking that a hacker gained access to the
Continue Reading Planned Parenthood Los Angeles Data Breach Coincides with Spotlight on Roe v. Wade
Holiday Weekends Provide No Time Off From Cyber Threats
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory aimed at reminding businesses to be on guard over the Labor Day and other
Continue Reading Holiday Weekends Provide No Time Off From Cyber Threats
2019 HIPAA BREACHES: THE BOX SCORES
It’s that time again for year-in-review articles. On December 16, 2019, Modern Healthcare has published an infographic that compares HIPAA breaches which occurred in 2019 to aggregate breach statistics from
Continue Reading 2019 HIPAA BREACHES: THE BOX SCORES
The Jiggery-Pokery of HIPAA Hacks
I must thank Justice Scalia for injecting this delightfully descriptive term into the realm of health care. Justice Scalia’s scathing dissent from the majority in the recent Supreme Court decision
Continue Reading The Jiggery-Pokery of HIPAA Hacks
Phishing for PHI
Two recently reported breaches of hospital data affecting thousands of patients highlight the prevalence, and apparent success, of phishing attacks.
Continue Reading Phishing for PHI
Paper Records HIPAA Violation Results in $800,000 Payment under HHS Resolution Agreement
My partner Elizabeth Litten was quoted at length by Alexis Kateifides in his recent article in DataGuidance entitled “USA: ‘Unique’ HIPAA violation results in $800,000 settlement.” While the full text
Continue Reading Paper Records HIPAA Violation Results in $800,000 Payment under HHS Resolution Agreement
Wild West Data Breach Sheriff Wins a Round Back East
LabMD is not the only company that has tried to buck the FTC’s assertion of authority over data security breaches. Wyndham Worldwide Corp. has spent the past year contesting the
Continue Reading Wild West Data Breach Sheriff Wins a Round Back East
Back to the SAIC Breach and a Look Across the Chasm Between Significant Risk and Actual Harm Resulting from a HIPAA Breach
SAIC’s recent Motion to Dismiss the Consolidated Amended Complaint filed in federal court in Florida as a putative class action highlights the gaps between an incident (like a theft) involving PHI, a determination that a breach of PHI has occurred, and the realization of harm resulting from the breach.
Continue Reading Back to the SAIC Breach and a Look Across the Chasm Between Significant Risk and Actual Harm Resulting from a HIPAA Breach
Personal Information Data Breaches – Not If, but When?
In light of the widely publicized pre-Christmas hacking breach of confidential data held by Stratfor Global Intelligence Service, a company specializing in data security, and the earlier TRICARE/SAIC breach, can we trust that any electronically transmitted or stored information is really safe?
Continue Reading Personal Information Data Breaches – Not If, but When?
Congressional Inquiry or Autopsy for SAIC Breach Disaster? – Part 5
Five members of Congress are co-signers of a bipartisan letter dated December 2, 2011, addressed to the Director of the TRICARE Management Authority to express the Congress members’ “deep concerns about a major breach of personally identifiable and protected health information by TRICARE contractor Science Applications International Corporation (SAIC).”
Continue Reading Congressional Inquiry or Autopsy for SAIC Breach Disaster? – Part 5