The HIPAA Journal

MAY 6, 2024

On February 16, 2024, Continuum announced on its website that it was investigating the incident while the investigation was ongoing. The file review was completed on March 8, 2024, when it was confirmed that the exposed data included patients’ names and Social Security numbers.

Medication 109

Medication HIPAA Tests Follow-Up 109

Valant

JULY 29, 2024

Altered mental status, unspecified (R41.82) is a billable ICD-10 diagnostic code under HIPAA regulations from October 1, 2020, to September 30, 2021. ICD-10 Code for Altered Mental Status In this blog post, Valant discusses the ICD-10 code for Altered Mental Status. Check out the 2023 ICD-10 updates here. Clinicians should only use the R41.82

Diagnostics 97

Diagnostics HIPAA Insurance Medication 97

The HIPAA Journal

APRIL 23, 2024

According to the notification letters mailed to the affected individuals in April 2024, a cyberattack was detected on June 6, 2023, when its network was disrupted. It took more than 10 months (April 10, 2024) to determine the types of information involved and the number of individuals affected.

HIPAA 100

HIPAA Insurance Medication 100

The HIPAA Journal

JULY 3, 2024

Suspicious network activity was identified on March 27, 2024, and third-party cybersecurity specialists were engaged to investigate the activity. The group says it has given the hospital until July 8, 2024, to pay the ransom demand and will leak the stolen data if payment is not made.

HIPAA 113

HIPAA Hospital Insurance Medication 113

The HIPAA Journal

JULY 3, 2024

A Seattle, WA, plastic surgery practice has been ordered to pay a financial penalty of $5 million to the Office of the Washington Attorney General to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA), Washington Consumer Protection Act (CPA), and the federal Consumer Review Fairness Act (CRFA).

HIPAA 106

HIPAA Insurance 106

The HIPAA Journal

OCTOBER 28, 2024

Last week, the Department of Health and Human Services (HHS) and the National Institute for Standards and Technology (NIST) hosted the Safeguarding Health Information: Building Assurance Through HIPAA Security 2024 conference after a 5-year absence. It is one of the most common reasons for individuals filing complaints with OCR.

HIPAA 76

HIPAA Medication 76

The HIPAA Journal

APRIL 30, 2024

On January 22, 2024, DRS identified suspicious activity within its network. On March 8, 2024, after a time-consuming and detailed review of the files, DRS confirmed that they contained the personal and protected health information of current and former patients of its healthcare clients.

Business Associate 85

Business Associate HIPAA Follow-Up Hospital 85

The HIPAA Journal

JULY 4, 2024

Gaia Software has disclosed details of a February 2024 cyberattack, Pinnacle Orthopaedics & Sports Medicine Specialists are investigating an April 2024 cyberattack, and OB GYN Specialists of Lima have discovered the improper disposal of patient data.

HIPAA 95

HIPAA Documentation Billing Insurance 95

The HIPAA Journal

APRIL 26, 2024

The email accounts were accessed by an unauthorized third party between February 19, 2024, and February 20, 2024. Lamont Hanley & Associates notified CMC on March 6, 2024, that there had been unauthorized access to an employee’s email account. The post Phishers Gain Access to 23 L.A.

HIPAA 103

HIPAA Business Associate Tests Medication 103

The HIPAA Journal

OCTOBER 31, 2024

Mystic Valley Elder Services, a Malden, Massachusetts-based non-profit agency providing home and community-based care to elders and adults living with disabilities, has started issuing individual notifications about a cyberattack and data breach that was identified on April 5, 2024.

Hospital 93

Hospital HIPAA Business Associate Insurance 93

The HIPAA Journal

MAY 2, 2024

Any individual who wishes to object to or be excluded from the settlement must do so by June 18, 2024, and all claims must be submitted by the same date. The settlement has received preliminary approval from the court and the final settlement hearing is scheduled for August 22, 2024.

HIPAA 98

HIPAA Follow-Up Best Practices Documentation 98

The HIPAA Journal

JULY 5, 2024

Providence Mission Heritage Endocrinology In May 2024, Providence Mission Heritage Endocrinology in Mission Viejo, CA, discovered an insider breach that involved unauthorized access to clinical records. The first instance occurred on December 15, 2020, and it continued until May 15, 2024.

HIPAA 101

HIPAA Patient Records Insurance Hospital 101

The HIPAA Journal

JULY 9, 2024

The review of the affected files was not completed until June 13, 2024. Call 4 Health Issues Notifications About March 2024 Cyberattack Call 4 Health, Inc., Unauthorized network access was detected on May 6, 2024, and immediate action was taken to prevent further unauthorized access.

Triage 98

Triage HIPAA Documentation Billing 98

The HIPAA Journal

MARCH 29, 2024

March 25, 2024: Clarification Sought from OCR About Change Healthcare Ransomware Breach Notifications The American Hospital Association (AHA) has written to the Department of Health and Human Services seeking clarification about data breach notifications, should it turn out that protected health information has been compromised.

HIPAA 95

HIPAA Unit Organization and Environment Follow-Up Business Associate 95

The HIPAA Journal

APRIL 25, 2024

The Lebanon, TN-based eye clinic chain said it detected unauthorized access to its network on March 25, 2024. OPMT said, “Even though it is not specifically required by HIPAA, we will offer identity theft protection services to all affected individuals; we feel that this is an important precaution to protect our patients.”

HIPAA 86

HIPAA Insurance 86

The HIPAA Journal

APRIL 22, 2024

A third-party cybersecurity firm was engaged to investigate the breach and it was determined on January 5, 2024, that the email account had been accessed by an unauthorized individual at various times between Sep. The post Email Accounts Compromised at UW Health and Medical Home Network appeared first on HIPAA Journal.

Medication 99

Medication HIPAA Hospital Billing 99

The HIPAA Journal

APRIL 29, 2024

A vendor was engaged to conduct a review of the affected files, and that process was completed on April 2, 2024. Notification letters were mailed to the affected individuals on April 25, 2024, and complimentary credit monitoring and identity theft protection services have been offered to the affected individuals.

HIPAA 94

HIPAA Insurance Medication 94

The HIPAA Journal

JULY 8, 2024

The Breach of Personal Information Notification Act was amended by Senate Bill 824 and was signed into law by state Governor Josh Shapiro on June 28, 2024. The amended law takes effect on September 26, 2024.

HIPAA 112

HIPAA Insurance Billing Medication 112

The HIPAA Journal

JULY 9, 2024

The RansomHub group claimed responsibility for the attack and said it had stolen around 100 gigabytes of data from the Department and started to leak the stolen data when the ransom was not paid by its deadline of July 1, 2024.

HIPAA 105

HIPAA Certification 105

The HIPAA Journal

JULY 5, 2024

The breach was detected on March 25, 2024, and immediate action was taken to prevent further unauthorized access. An investigation was launched which determined that between November 2, 2023, and March 29, 2024, the vendor accessed and downloaded information from a Kairos database.

HIPAA 97

HIPAA Insurance Medication 97

The HIPAA Journal

APRIL 25, 2024

City of Hope National Medical Center issued notification letters on April 2, 2024, and offered the affected individuals complimentary credit monitoring services. The post Multiple Class Action Lawsuits Filed Against City of Hope National Medical Center Over Data Breach appeared first on HIPAA Journal.

Medication 107

Medication HIPAA Medical History Best Practices 107

The HIPAA Journal

JULY 9, 2024

Notifications were issued in May 2024, and complimentary credit monitoring services were offered to the affected individuals. The post LivaNova Facing Multiple Class Action Lawsuits Over October 2023 Cyberattack appeared first on The HIPAA Journal.

HIPAA 107

HIPAA Insurance Medication 107

The HIPAA Journal

APRIL 24, 2024

The exploitation of vulnerabilities in software and operating systems is becoming far more common for initial access to networks, with phishing declining in prevalence, according to Mandiant’s M-Trends 2024 Report. The post Threat Actors Increasingly Targeting Vulnerabilities for Initial Access appeared first on HIPAA Journal.

HIPAA 92

HIPAA Hospital 92

The HIPAA Journal

APRIL 29, 2024

The Federal Trade Commission (FTC) issued a final rule on April 26, 2024, that updates the FTC Health Breach Notification Rule. These changes make the Health Breach Notification Rule applicable to health apps and similar technologies not covered by HIPAA.

HIPAA 93

HIPAA Insurance Communication 93

The HIPAA Journal

JULY 4, 2024

Notification letters were sent to the affected individuals on June 21, 2024, and they were advised about the data that was exposed. The post Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services appeared first on The HIPAA Journal. The helpline is manned Monday to Friday, from 8:00 a.m.

HIPAA 103

HIPAA Medical History Insurance Medication 103

The HIPAA Journal

OCTOBER 28, 2024

According to the Verizon 2024 Data Breach Investigations Report , more than two-thirds of breaches involve the human element rather than the exploitation of weaknesses and vulnerabilities in technology. Social engineering is the subject of the October 2024 cybersecurity newsletter from the HHS’ Office for Civil Rights.

HIPAA 92

HIPAA Collaboration 92

The HIPAA Journal

APRIL 30, 2024

On April 10, 2024, Livanova confirmed that the personal and protected health information of U.S. In a February 2024 earnings call, the company confirmed that the company had incurred costs of around $2.6 The post Patient Data Stolen from Livanova in October 2023 Ransomware Attack appeared first on HIPAA Journal.

HIPAA 86

HIPAA Insurance Hospital Medication 86

Practice Builders

DECEMBER 26, 2023

Enter the dynamic field of healthcare, where winds of change will continue to reshape the industry in 2024 and beyond. However, in the middle of this change, healthcare providers struggle with a decline in trust and disengagement, which means that in 2024, a strategic shift towards retention and reactivation will be necessary.

HIPAA 52

HIPAA Appointments Customer Service Medication 52

19 Labs

JULY 8, 2024

Redwood City, CA – July 9, 2024 Background of WellCheck WellCheck , founded by a second-grade teacher, initially developed a two-way notification platform for school lockdowns and emergency drills. During the COVID-19 pandemic, WellCheck pivoted to utilize its cloud-based, HIPAA-compliant platform for wellness screenings.

HIPAA 89

HIPAA Diagnostics Medical History Communication 89

Health Prime

JANUARY 24, 2024

The year 2024 is no exception. In 2024, we anticipate further evolution of telemedicine, with increased integration into routine care practices. The future of telemedicine will look brighter than ever in 2024. In 2024, medical providers will increasingly be rewarded based on patient outcomes and the quality of care.

Billing 52

Billing Communication Medication Appointments 52

The HIPAA Journal

OCTOBER 30, 2024

Wichita County in Texas experienced a cyberattack in May 2024 that exposed the sensitive data of 47,784 individuals, the majority of which are residents of Wichita County. According to County officials, the incident was detected on May 7, 2024, when network disruption was experienced.

HIPAA 67

HIPAA Insurance Hospital Medication 67

Health Populi

FEBRUARY 27, 2024

While the digital health stakeholder community is convening this week at VIVE in Los Angeles to share innovations in health tech, NABIP has assembled health insurance leaders in Washington, DC, for the 2024 Capital Conference to focus on major health reform issues that are top-of-mind for health care payors — which in today’s U.S.

Billing 141

Billing Insurance HIPAA Documentation 141

The HIPAA Journal

OCTOBER 29, 2024

According to its substitute breach notice, external cybersecurity professionals were engaged to investigate the incident and confirmed that a network intrusion occurred between January 4, 2024, and January 8, 2024, involving the exfiltration of a limited amount of patient data.

Insurance 79

Insurance HIPAA Business Associate Medication 79

The HIPAA Journal

NOVEMBER 6, 2024

The account compromises were detected on September 3, 2024, and the accounts were immediately secured and passwords were reset. On June 25, 2024, suspicious activity was detected in an employee’s email account. Kaiser Permanente Kaiser Permanente has recently discovered unauthorized access to two employee email accounts.

Medication 71

Medication HIPAA Documentation 71

The HIPAA Journal

APRIL 26, 2024

A bipartisan coalition of 22 state attorneys general sent a letter to UnitedHealth Group CEO Andrew Witty to express their concern about the response to the February 21, 2024, ransomware attack on Change Healthcare and the continuing problems faced by providers, pharmacies, and patients.

HIPAA 91

HIPAA Documentation Billing Medication 91

The HIPAA Journal

JULY 5, 2024

That process was completed on May 30, 2024, and then address information was verified. The affected individuals were notified by mail on June 26, 2024. The post Email Breach Affects 22,000 Ambulatory Surgery Center of Westchester Patients appeared first on The HIPAA Journal.

HIPAA 73

HIPAA Business Associate Insurance Patient Records 73

The HIPAA Journal

APRIL 30, 2024

On February 27, 2024, Bay Oral identified suspicious activity in an employee’s email account. The forensic investigation confirmed that an unauthorized individual had installed software and gained access to an employee’s email account on January 18, 2024.

HIPAA 59

HIPAA Medical History Insurance Medication 59