The HIPAA Journal

APRIL 29, 2025

In its April 11, 2025, substitute breach notice, Endue Software explained that unauthorized access to some of its systems was identified on February 17, 2025.The The forensic investigation confirmed that an unauthorized actor gained access to some of its systems for a brief period on February 16, 2025.

Hospital 75

Hospital HIPAA Insurance Medication 75

The HIPAA Journal

MARCH 19, 2025

The breach was detected on January 15, 2025, and immediate action was taken to prevent further unauthorized access. The forensic investigation confirmed that an unauthorized third party accessed the account between January 10, 2025, and January 14, 2025, and potentially viewed or acquired patient data.

HIPAA 85

HIPAA Scheduling Hospital Billing 85

The HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information. The post Cyberattack on Sunflower Medical Group Affects 221,000 Patients appeared first on The HIPAA Journal.

Medication 81

Medication HIPAA Appointments Insurance 81

The HIPAA Journal

APRIL 27, 2025

HIPAA violation cases are compliance investigations that result from a data breach being notified to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) or a privacy complaint being submitted to OCR via the complaints portal. There are many different types of HIPAA violation cases.

HIPAA 85

HIPAA Business Associate Hospital Medication 85

The HIPAA Journal

APRIL 1, 2025

A comprehensive and time-intensive review of the affected accounts was recently concluded, and it was confirmed that names, addresses, Social Security numbers, drivers license numbers, bank account information, payment card information, dates of birth, medical information, and health insurance information were stored in the accounts.

HIPAA 75

HIPAA Insurance Medication 75

The HIPAA Journal

MARCH 20, 2025

on February 14, 2025. The intrusion was detected on January 13, 2025, and the investigation confirmed that an unauthorized third party had access to its network between December 8, 2024, and January 11, 2025. Peters, Missouri, has notified 1,265 individuals about a security incident on January 17, 2025.

Hospice 79

Hospice HIPAA Medical History Diagnostics 79

The HIPAA Journal

APRIL 18, 2025

The document review was completed on January 30, 2025, when it was confirmed that the exposed information included first and last names, clinical/treatment information, medical provider names, medical record numbers, and patient account numbers. Notification letters were mailed to the affected individuals two months later, on March 31, 2025.

HIPAA 55

HIPAA Hospital Documentation Insurance 55

The HIPAA Journal

MARCH 11, 2025

The data review was completed on February 13, 2025, and confirmed that names, dates of birth, Social Security numbers, medical information, treatment information, healthcare provider information, and health insurance information had been exposed.

HIPAA 68

HIPAA Insurance Medication 68

The HIPAA Journal

MARCH 19, 2025

A data review vendor was engaged, and Access TeleCare was provided with the final results of the review on August 30, 2024; however, it took until March 4, 2025, for individual notifications to be mailed. On January 14, 2025, an employee emailed a document to a personal email account.

HIPAA 74

HIPAA Documentation Insurance Medication 74

The HIPAA Journal

MARCH 28, 2025

On March 20, 2025, Pineland Community Service Board disclosed a security incident detected on January 20, 2025. The forensic investigation confirmed unauthorized network access between November 24, 2024, and January 20, 2025, during which time the threat actor viewed or copied information from its network.

Appointments 53

Appointments HIPAA Insurance Billing 53

The HIPAA Journal

MARCH 24, 2025

in early March 2025.In users of the 23andMe service have a degree of protection under the Genetic Information Nondiscrimination Act (GITA), as their genetic data cannot be used to make employment or health insurance decisions but there may be other ways that their data could be used.

Tests 82

Tests HIPAA Insurance 82

The HIPAA Journal

APRIL 28, 2025

Frederick Health Medical Group, a Maryland-based healthcare group, announced on January 27, 2025, that it had fallen victim to a ransomware attack and had called in cybersecurity experts to investigate the incident. The post Ransomware Attack on Frederick Health Medical Group Affects 934,000 Patients appeared first on The HIPAA Journal.

Medication 122

Medication HIPAA Best Practices Insurance 122

The HIPAA Journal

APRIL 1, 2025

All claims must be submitted by or be postmarked by June 30, 2025. The settlement has received preliminary approval from the court, and the final approval hearing has been scheduled for June 16, 2025. Million Data Breach Settlement appeared first on The HIPAA Journal. The post Azura Vascular Care Agrees to $3.15

HIPAA 60

HIPAA Documentation Billing Scheduling 60

The HIPAA Journal

APRIL 29, 2025

The review of the account confirmed it contained names, addresses, birth dates, Social Security numbers, drivers license and other ID numbers, financial information, and limited health and health insurance information related to treatment and prescriptions. The breach was reported to the Maine Attorney General as affecting 5,971 individuals.

Follow-Up 103

Follow-Up HIPAA Best Practices Documentation 103

The HIPAA Journal

MARCH 25, 2025

Columbia Eye Clinic, South Carolina Columbia Eye Clinic, a medical and surgical ophthalmology practice with four locations in Columbia and Lexington in South Carolina, announced a data security incident on March 14, 2025, involving the exposure of patients’ protected health information.

Insurance 87

Insurance HIPAA Billing Medication 87

The HIPAA Journal

APRIL 28, 2025

Email accounts have been compromised at four HIPAA-regulated organizations: Alternate Solutions Health Network in Ohio; Park Royal Hospital in Florida; 90 Degree Benefits in Minnesota; and the Charleston Fire Department in West Virginia. Individual notification letters also started to be mailed on April 14, 2025.

HIPAA 72

HIPAA Billing Hospital Admissions 72

CollaborateMD

APRIL 3, 2025

These regulations ensure that healthcare providers accurately bill patients and insurance companies while protecting sensitive patient information. Following health insurance policies and procedures. For example, this April 2025, CMS announces 50 new ICD-10-PCS codes (PDF). Why is medical compliance critical? The result?

Billing 52

Billing Medication HIPAA Follow-Up 52

The HIPAA Journal

APRIL 2, 2025

SimonMed Imaging has recently confirmed that it was affected by a cybersecurity incident earlier this year that involved unauthorized access to patient data via one of its vendors.The Scottsdale, Arizona-based radiology practice said that on January 27, 2025, it was alerted by one of its vendors that they were experiencing a security incident.

HIPAA 52

HIPAA Insurance Medication 52

Healthcare Law Insights blog

JANUARY 15, 2025

This marks the first update to the HIPAA Security Rule since 2013. 1] The Proposed Rule applies to HIPAA-regulated entities, including Covered Entities such as health plans, healthcare clearinghouses, most healthcare providers, and their Business Associates. population. [1]

HIPAA 52

HIPAA Business Associate Follow-Up Documentation 52

The HIPAA Journal

APRIL 15, 2025

A hacker gained access to its network on February 3, 2025, and downloaded ransomware, which was used to encrypt files on its network. Unusual activity was identified within its computer systems on January 27, 2025. The post Ransomware Attack Announced by True Dental Care for Kids and Adults appeared first on The HIPAA Journal.

HIPAA 75

HIPAA Insurance Medication 75

The HIPAA Journal

MARCH 20, 2025

The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) started publishing summaries of healthcare data breaches on its website. Dominion National Insurance Company, and Dominion Dental Services USA, Inc.

Business Associate 109

Business Associate HIPAA Unit Organization and Environment Hospital 109

Healthcare Leadership Council

APRIL 9, 2025

In addition to responding to the specific questions in the RFI, HLCs and the Confidentiality Coalitions comments focused on the critical need to harmonize federal data privacy and security standards with the Health Insurance Portability and Accountability Act (HIPAA). Published April 9, 2025 You can view the response here.

HIPAA 40

HIPAA Collaboration Insurance 40

The HIPAA Journal

APRIL 4, 2025

Notification letters were mailed to the affected individuals on February 21, 2025. After an extensive forensic investigation and comprehensive document review, on March 21, 2025, we determined your personal data may have been subject to unauthorized access or acquisition, which occurred between November 4, 2023, and November 5, 2023.

Hospital 68

Hospital Follow-Up HIPAA Insurance 68

The HIPAA Journal

MARCH 25, 2025

The post Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals appeared first on The HIPAA Journal.

HIPAA 74

HIPAA Insurance Medication 74

The HIPAA Journal

MAY 2, 2025

Orthopaedic Specialists of Connecticut Orthopaedic Specialists of Connecticut has notified 22,541 patients about a hacking incident that saw unauthorized individuals gain access to its network on March 2, 2025. Notification letters started to be mailed to the affected individuals on April 23, 2025.

HIPAA 50

HIPAA Insurance Medical History Medication 50

Health Populi

MARCH 21, 2019

per average internet user per month in 2025, $3.18 But the non-traditional data bytes (detailed in the Cracked Labs graphic above) that industry, and especially retail at large, are mashing up aren’t usually covered by HIPAA, unless they reside in HIPAA-covered entities’ information systems. for Americans.

Insurance 102

Insurance HIPAA Patient Care Billing 102

The HIPAA Journal

MARCH 18, 2025

subsidiary that provides life insurance and retirement software and services. In a regulatory filing on March 14, 2025, Infosys McCamish confirmed that a settlement has been agreed in principle to resolve all claims and allegations made in six class action lawsuits, with the proposed agreement settling all pending class action lawsuits.

HIPAA 81

HIPAA Follow-Up Insurance Medication 81

The HIPAA Journal

MARCH 10, 2025

A file review was conducted to determine the types of information stored on the compromised parts of the network, and it was confirmed on January 8, 2025, that sensitive data had been exposed and potentially stolen. The listing indicates 3,269 files (42 GB) were exfiltrated, a sample of which has been added to the listing.

Hospital 51

Hospital HIPAA Insurance Medication 51

The HIPAA Journal

MARCH 18, 2025

That process was completed in February 2025 and confirmed that the stolen data included employee benefit plan information such as names, Social Security numbers, drivers license/state ID numbers, medical treatment information, and health insurance information.

HIPAA 53

HIPAA Insurance Medication 53

Arkenea

APRIL 10, 2025

According to Statista, the global IT outsourcing market is projected to exceed $591billion by 2025, reflecting a compound annual growth rate of 5.1percent. Faster TimetoMarket In a health insurance policy management system project, a client achieved a fourmonth launch timeline by outsourcing development and QA to a dedicated vendor.

Tests 52

Tests Communication Documentation Follow-Up 52

Arkenea

JANUARY 25, 2025

Since it includes patients’ data or ePHI (Protected Health Information), it’s essential to encompass HIPAA (Health Insurance Portability and Accountability Act) rules during the e-prescription software development process. HIPAA regulations safeguard ePHI on physical, technical, and administrative levels.

Transfers 52

Transfers HIPAA Medical History Follow-Up 52

The HIPAA Journal

APRIL 2, 2025

That process was completed on March 5, 2025. The affected individuals were notified on March 27, 2025, and a toll-free helpline has been established for the affected individuals to find out more information about the incident.

HIPAA 53

HIPAA Medical History Medication Insurance 53

The HIPAA Journal

MARCH 20, 2025

Biggest Healthcare Data Breaches in February 2025 In February, 16 data breaches were reported to OCR that affected 10,000 or more individuals 11 hacking/IT incidents, 3 unauthorized access/disclosure incidents, and 2 theft incidents. The former employee was arrested over the theft and card misuse and is facing criminal charges.

Business Associate 112

Business Associate HIPAA Insurance Follow-Up 112

The HIPAA Journal

MARCH 12, 2025

The file review was completed on December 28, 2023, and it was confirmed that the data exposed in the incident included names, addresses, birth dates, Social Security numbers, drivers license information, passport numbers, financial account information, medical histories, and health insurance information.

HIPAA 74

HIPAA Medical History Documentation Scheduling 74

Valant

APRIL 21, 2025

For example, staff members who handle billing need insurance information, but not detailed clinical notes. HIPAA-compliant messaging systems keep patient communication secure. In addition to HIPAA, behavioral health providers must also comply with applicable state laws and insurance regulations.

HIPAA 71

HIPAA Patient Records Best Practices Documentation 71

The HIPAA Journal

MARCH 13, 2025

This can result in an unauthorized disclosure of health data that is prohibited under HIPAA, and more seriously, can put patient safety at risk. The MATCH IT Act of 2025 was introduced by Rep. It is common for medical records to be overlaid, where multiple patients records are merged into a single record.

HIPAA 61

HIPAA Patient Safety Billing Insurance 61