PrivaPlan Blog Posts
W-2 phishing season is here…again
As the tax season gets underway, you can bet that cyber criminals are doing their tax preparations for W-2 phishing; they’re preparing to dupe hundreds of payroll and HR departments into providing W-2 data on their employees.
Phishing scam exposes PHI of patients at Colorado Mental Health Institute
As the year comes to an end, there appears to be no end in sight for healthcare data hacks. An employee at the Colorado Mental Health Institute at Pueblo recently fell for a phishing scam that potentially exposed the PHI of 650 patients.
Will a Federal Data Security and Breach Notification Act finally get passed?
Three Democratic Senators re-introduced a Data Security and Breach Notification Act on Thursday that has failed to get legislative approval since 2015.
Protect your data: 10 tips for online shopping
The National Retail Foundation says that 78 million people plan to do online shopping on Cyber Monday. No doubt a good number of those will do that at work.
New HIPAA guidance released in opioid crisis
Responding to the opioid crisis, the OCR explains when and how healthcare providers can share a patient’s health information without violating HIPAA.
Our experts talk security with rural health care group
David Ginsberg talked about cyber security during one of the three sessions he led at the Colorado Rural Health Care Annual Rural Health Conference this week.
Expect phishing attacks to follow Equifax hack
With news that cyber criminals stole 143 million credit records in a hacking scandal at Equifax, highly targeted spear phishing attacks are expected.
Latest HIMSS cybersecurity report: threats rise, so does security
The August 2017 HIMSS Cybersecurity Report indicates that respondents are taking proactive steps to stay ahead of security threats.
A new cyber threat is also a HIPAA Security threat
Recent analysis of a new variant of what appeared to be ransomware turns out instead to be malicious software that erases files on computers.
Worldwide ransomware attack is on the move
A quickly spreading ransomware attack is hitting countries across the world, including the United States.
GOP data firm causes largest US voter data leak to date
Political data of 198 million US citizens was exposed after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.
New expiration for ABN form goes in effect June 21
CMS is implementing mandatory use of the revised ABN form on June 21 with the newly incorporated March 2020 expiration date.
DOJ hits eClinicalWorks hard with $155 million settlement
Last week, eClinicalWork, a prominet ambulatory EHR vendor (who also just released their inpatient product), will pay $155 million as a result of a lawsuit settlement with the Department of Justice. The allegations include false representation of the product’s capabilities during ONC testing, as well as paying customers to use the software – violations of…
Use extreme caution in WannaCry Ransomware Attack
The largest cyberattack in history is hitting the U.S. today. Last week, multiple countries around the world reported falling victim to the WannaCry ransomware attack. Numerous hospitals and healthcare information systems were impacted.
Google Docs used in latest phishing attack
A widespread phishing attack using Google Docs is currently hitting inboxes. This is a good time to be extra cautious about clicking links.
Survey finds 68% healthcare employees will share sensitive info
Results from a recent survey reveal that 68% of healthcare employees occasionally share confidential or regulated data.
Health data breaches rise significantly in March
The number of health data breaches for March was more than January and February combined.
FBI warns of cyber attacks on FTP servers in healthcare
An FBI alert warns the healthcare sector that cyber criminals have stepped up attacks targeting their FTP servers.
HIPAA settlement proves value of audit controls
Having policies and procedures in place is good, as long as you have audit controls to ensure they’re implemented, unlike this Florida healthcare system.
CMS extends Medicare EHR attestation deadline
Providers participating in the Medicare EHR Incentive Program – widely referred to as Meaningful Use – have a little more time to attest to requirements.
PrivaPlan partner QVH Systems releases MIPS Navigator™
PrivaPlan partner QVH Systems recently released a new software solution called MIPS Navigator to help physicians and other health professionals achieve success under Medicare’s new merit-based incentive payment system.
Hospital’s fate warns of tax season scams
On January 25, it was discovered that the tax information of 1,457 hospital employees had fallen into a scammer’s hands in one of the latest W-2 business email compromise attacks.
Phishing campaign uses PDF attachments
The SANS Internet Storm Center warns about an active phishing campaign that utilizes PDF attachments to harvest email credentials from victims.
Patient behind breach using hospital library laptop
The New Hampshire DHHS says a former patient is behind a breach that began on a laptop in the hospital library, affecting approximately 15,000 patients.
Hack of Quest Diagnostics affects 34k people
Quest Diagnostics Inc. is investigating a hack into an internet application on its network that exposed the PHI of about 34,000 people.