Paige A. Thompson, who's been arrested on a charge of hacking into Capital One's network and taking the personal and financial data of 106 million individuals, is also suspected of stealing information from over 30 other organizations, according to new court documents.
Health IT vendor Allscripts says it has reached a preliminary $145 million settlement with the Department of Justice related to the business practices of Practice Fusion, an EHR vendor the company acquired last year. Among the issues involved are HIPAA, HITECH Act and Anti-Kickback Statute compliance.
The National Association of Attorneys General is urging Congress to drop the "cumbersome, out-of-date privacy rules" contained in federal regulations on substance abuse and instead apply the "effective and more familiar" HIPAA Privacy Rule to help address the opioid crisis by easing the sharing of data.
It's been more than two months since lab companies began revealing they had patient data exposed in a data breach at American Medical Collection Agency. But new victim organizations are continuing to emerge, bringing the total to about 18.
More lawsuits have been filed in the wake of the Capital One breach that exposed the data of more than 100 million individuals. GitHub is also a target of one of those lawsuits, which alleges the code-sharing site failed to promptly remove breached data.
Several large breaches involving hacking/IT incidents, including ransomware attacks, have been added in recent weeks to the federal tally of major health data breaches. Here's a rundown of the latest additions.
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
DirectTrust's new effort to develop a standard for instant messaging in healthcare could potentially help providers securely communicate in real time over multiple platforms, says Scott Stuewe, the nonprofit alliance's president and CEO.
Cisco has agreed to pay $8.6 million to settle a whistleblower lawsuit that claimed the networking company sold video surveillance software to local, state and federal agencies over a six-year period that contained serious security vulnerabilities.
A federal judge has granted preliminary approval for a $74 million settlement of a consolidated class action lawsuit against health insurer Premera Blue Cross stemming from a 2014 data breach that affected 11 million individuals. More money will go to security enhancements than to victim reimbursement.
The U.S. Justice Department and the Federal Trade Commission officially announced a privacy settlement with Facebook that includes a record-setting $5 billion fine. As part of the agreement, CEO Mark Zuckerberg must submit quarterly and annual reports to show that the company is in compliance with the FTC order.
A medical equipment benefits administrator is the latest business associate to report a large health data breach affecting patients as well as healthcare providers. What can covered entities do to help prevent falling victim to BA breaches?
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.