All Posts

This is a test post to see if my feed will pick it up.

A widely used patient portal in New Zealand reported a cyber breach two days before the New Year, affecting up to 126,000 people.  On New Year's Day, private company Manage My Health disclosed that it had been notified of unauthorised access to its patient portal application on 30 December.  In an update two days later, it said that an independent forensic analysis found one module within the app, Health Documents, was compromised while the rest of its system was "secure and

STATEN ISLAND, N.Y. — Northwell Staten Island University Hospital has agreed to settle a class action lawsuit over a data breach  that exposed the personal information of more than 35,000 patients. The Medibase Group Inc. — a vendor that provides health care solutions, technical assistance and business office solutions — discovered the breach in May 2024, court documents indicate.

Just as pharma marketers have started getting their heads around the complexity of data privacy laws , AI regulation is right around the corner. No federal law overseeing AI in healthcare currently exists. But several states have launched new laws that could have an impact on how pharma marketers implement the technology throughout the marketing journey — from chatbots and digital avatars to personalization and targeting.

Issaqueena Pediatric Dentistry in South Carolina, Enhabit Home Health & Hospice in Texas, and AltaMed Health Services in California have announced that patient data has potentially been compromised in ransomware attacks.

About 100,000 Munson Healthcare patients, the vast majority in Michigan, may be impacted by a data breach, with the health system sending letters this month about the matter and offering free services for two years to protect the patients' identities. Munson Healthcare is based in Traverse City and serves people in 29 counties in northern Michigan, a vacation destination, so some patients in other states also may be impacted by the breach, Rachel Roe, the health system's chie

TALLAHASSEE, Fla. (WCJB) - Starting Thursday, a state law went into effect that speeds up refunds for patients who are overcharged for healthcare. Senate Bill 1808 requires healthcare providers to refund overcharged patients within 30 days. Providers who miss the deadline could face fines or penalties.

ROCHESTER, N.Y. (WROC) — The New York State Department of Health has imposed a $666,000 civil penalty against Waterview Heights Rehabilitation and Nursing Center following two years of serious regulatory violations, including widespread medication errors, failures to prevent resident abuse and neglect, and insufficient staffing. Under a stipulation and order signed in December, the facility is required to pay $100,000. The remaining $566,000 will be suspended, and ultimately

Prosecutors with the Connecticut  Division of Justice issued a report on Tuesday announcing that a licensed behavioral health clinician from Middletown was sentenced last week for defrauding the state’s Medicaid program. Sixty-six-year-old Darlene Shuff-Porter, also known as Darlene Dailey, was sentenced on Feb. 11 to three years in prison, execution of time suspended, with five years of conditional discharge for her criminal scheme.

A federal grand jury in Rhode Island has charged two former top executives of Colorado-based medical device company Zynex Inc. with fraud, accusing them of raking in hundreds of millions of dollars for unnecessary equipment and supplies. Former Zynex CEO Thomas Sandgaard, 67, of Castle Rock, Colorado, and former Chief Operating Officer Anna Lucsok, 39, of Denver, each face nine counts of healthcare fraud, two counts of mail fraud and three counts of aggravated identity theft,

More than two million people’s sensitive case records — related to child welfare in Utah and psychiatric treatments at the Utah State Hospital — have not been adequately protected and are easily accessible to over 2,000 employees, according to a report published Tuesday. After a whistleblower reached out to a hotline run by Utah Auditor Tina Cannon’s office, it began looking into how the state’s health agency is handling access to the records.

Ensuring the security and privacy of protected health information (PHI) is a critical responsibility for healthcare organizations and their business associates. One of the foundational elements in maintaining compliance with the Health Insurance Portability and Accountability Act (HIPAA) is conducting a comprehensive risk analysis. This process helps identify vulnerabilities, assess potential threats, and implement safeguards to protect sensitive data. A thorough HIPAA risk a

In today’s digital age, healthcare providers face unique challenges in protecting sensitive patient information. The rise of electronic health records (EHRs), telemedicine, and connected medical devices has made healthcare data a prime target for cybercriminals. Understanding the essentials of healthcare data security is crucial for safeguarding patient privacy and maintaining trust. Understanding Healthcare Data Security Healthcare data security involves protecting patient i

In today’s healthcare environment, protecting patient information is more critical than ever. Understanding how to conduct a thorough HIPAA risk evaluation is essential for healthcare providers and organizations handling sensitive health data. This process helps identify vulnerabilities, mitigate risks, and ensure compliance with federal regulations. Mastering the essentials of HIPAA risk evaluation not only safeguards patient privacy but also protects your organization from

ALBANY, New York — Gov. Kathy Hochul wants to work with House Republicans to ensure noncitizens and low-income New Yorkers continue to receive health care coverage beyond July. Finding any takers inside the Empire State’s GOP delegation hasn’t been easy. At stake is health care for roughly 1.5 million New Yorkers who may lose coverage following approval of President Donald Trump’s sweeping tax-and-spending package .

A bill that would require Iowa’s medical facilities to inform regulators of any serious medical errors is again facing opposition from the state’s hospitals. Senate File 2185  would require Iowa hospitals, ambulatory surgical centers and birth centers to report any “serious reportable events” — sometimes called “never events” — to the Iowa Department of Inspections, Appeals and Licensing.

It is no secret that cybercriminals commonly target the healthcare sector due to the valuable, sensitive data these organizations collect and store. While 2025 recorded the greatest number of data breaches to date, current statistics show healthcare-specific breaches decreased by 4.3% year-over-year, according to data from the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR). However, the HIPPA Journal’s 2025 Healthcare Data Breach Report  notes t

Carespring Health Care Management in Ohio and LifeBridge Health in Maryland have agreed to settle class action lawsuits stemming from data breaches. Carespring Health Care Management Carespring Health Care Management has agreed to settle a class action lawsuit stemming from an October 2023 cyberattack and data breach. Hackers gained access to the protected health information of 64,609 individuals , including names, dates of birth, Social Security numbers, financial informatio

The HHS Office for Civil Rights announced new  civil enforcement mechanisms  to protect substance use disorder, or SUD, patient records. Effective Feb. 16, 2026, entities subject to 42 CFR Part 2 rules, commonly known as "Part 2," are required to comply with breach notification requirements or else face penalties aligned with those administered under HIPAA. Entities are now able to file breach reports under Part 2 using a new form on OCR's existing  breach portal , and OCR wi

On a Tuesday morning in 2025, PIH Health Hospitals in California woke up to every healthcare administrator's nightmare: their systems were locked by ransomware . Over 3 million patients suddenly couldn't access healthcare services. Medical records were inaccessible. Scheduled surgeries had to be postponed. Emergency rooms diverted patients to other facilities. This wasn't an isolated incident. It was one of dozens of major healthcare ransomware attacks  in 2025 alone. SimonMe