Data Privacy, Data Security, Healthcare Ruling: HHS Lacks Authority to Differentiate Types of PHI for Restrictions Marianne Kolbasuk McGee (HealthInfoSec) • June 20, 2025 Image: Getty Images A recent ruling from a federal court in Texas has invalidated changes to the HIPAA Privacy Rule that were enacted by the Biden…
Jackson Health System Reports Significant Insider Data Breach In a troubling development within the healthcare sector, Jackson Health System has revealed a new insider data breach that extends over a five-year period. This breach has raised concerns about the safeguarding of sensitive patient information, a critical aspect of healthcare organizations…
Practice Resources Reaches $1.5 Million Settlement Over Data Breach In a significant development in cybersecurity, Practice Resources has agreed to a settlement of $1.5 million in response to a data breach that compromised sensitive patient information. This settlement underscores the increasing concerns surrounding data protection within healthcare organizations in the…
The average duration for companies to disclose a data breach stands at approximately four months, according to research analyzing ransomware incidents from 2018 onward. However, this timeframe can extend significantly for certain industries, emphasizing the complexities surrounding breach notifications. The delay in reporting data breaches largely stems from the fact…
Fraud Management & Cybercrime, Ransomware HIPAA Protected Health Information Compromised in November 2023 Cyberattack Marianne Kolbasuk McGee (HealthInfoSec) • April 30, 2025 Image: City of Long Beach, California The City of Long Beach, California, is in the process of notifying approximately 260,000 individuals regarding a significant breach of their protected…
Fraud Management & Cybercrime, HIPAA/HITECH, Ransomware New Enforcement Action Ties to Ransomware and Risk Analysis Compliance Efforts Marianne Kolbasuk McGee (HealthInfoSec) • April 28, 2025 Image: HHS OCR In a significant enforcement action, federal regulators imposed a $25,000 fine on Comprehensive Neurology, a specialty practice located in Hollis, New York.…
As businesses navigate an increasingly digital landscape, the importance of cybersecurity has escalated from a mere IT concern to a fundamental pillar of operational strategy. The proliferation of cyber threats, including ransomware, phishing attacks, insider threats, and advanced persistent threats (APTs), has made safeguarding digital infrastructure imperative rather than optional.…
Hospital Español Auxilio Mutuo de Puerto Rico Confirms 2023 Data Breach In a concerning development for healthcare data security, Hospital Español Auxilio Mutuo de Puerto Rico has reported a data breach that occurred in 2023. The incident raises significant alarms about the integrity of sensitive patient information within the healthcare…
Data Privacy, Data Security, Fraud Management & Cybercrime Case Resolves HHS OCR Scrutiny of Two Security Incidents Marianne Kolbasuk McGee (HealthInfoSec) • April 17, 2025 Image: Guam Memorial Hospital Authority The Guam Memorial Hospital Authority has consented to a $25,000 payment to federal regulators while agreeing to implement a corrective…
