HIPAA Journal Synopsis 07/27/2018

Updated for the HIPAA Weekly Journal edition released 7/22/18:

Our weekly synopsis of the HIPAA Journal is designed to save you time and help you protect your patients’ PHI.  Aside from just scrolling through the headlines, we provide a short synopsis including a link to the original source.  We hope our efforts inform you and provide you with the tools you need to strengthen your HIPAA compliance.  Consequently, we provide this solely to educate you and save time.  For legal advice regarding HIPAA, we recommend you consult an attorney.  To learn more about protecting your PHI, email us at hipaa@abcnetfl.com.

June Healthcare Breach Report

The latest Breach Report has good news and bad.

The good news is there were 42% fewer PHI records breached.  The bad news is there was a 13.8% increase in the number of covered entities and business associates that were breached.

The full article can be read here.

FDA Issues Guidelines for Use of EHR Data

For clinical studies on patient data collected in an EHR program, the FDA has issued some guidance.  The article summarizes the guidelines in more detail.  The full article can be read here.

SamSam Ransomware Strikes LabCorps

The same strain of Ransomware that shut down the City of Atlanta has now struck one of the largest clinical laboratories in the US.  The scale of the breach is still under investigation.

To learn more, you can read the article here.

Phishing attacks hit two more Healthcare Organizations

  • 6,737 patient records breached at Sunspire Health (nationwide addiction treatment organization).
  • UPMC Cole (PA) had a breach of 790 patient records as a result of phishing.

Read more here.

NY Physician notifying patients of breach

3,775 patients of NY doctor Ruben Carvajal are being notified that their patient data may have been viewed by an unauthorized person between December 16, 2017 and January 3, 2018.

Read the article here.

Two employees of Alive Hospice in Tennessee tricked by phishing scam

The number of PHI records breached was not reported.  Two email accounts were breached that provided access to PHI.  Read the article.

Snapchat photo sharing of patients gets employees of a NY nursing home in hot water

Keep all patient data off of social media!  Employees of a NY nursing home apparently have a common practice of sharing patient photos on SnapChat.

Read the Article.

Employee traveling overseas has their email hacked

Billings Clinic (MT) employee gets their email hacked while overseas.  PHI of 8,435 patients in jeopardy.  Read the Article.

Ransomware Attack to Alaska Hospital

44,600 patients are being notified that a hospital in Alaska has potentially breached their PHI as a result of a Ransomware Attack.   Read more here.