#hhsocr — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #hhsocr, aggregated by home.social.

  1. DATE: May 20, 2026 at 04:06PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSOCR Revamps #HIPAA Enforcement Agency: How Might Restructuring Affect #Breach Investigations, Rulemaking, Guidance and Other Efforts?
    t.co/JRdN4ivPPJ #HHSOCR #HHS

    Here are any URLs found in the article text:

    t.co/JRdN4ivPPJ

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  5. DATE: April 17, 2025 at 05:41PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #Guam Hospital Pays @HHSOCR $25K to Settle #HIPAA Investigation t.co/icn0x1ShGs #HHSOCR #GMHA

    Here are any URLs found in the article text:

    t.co/icn0x1ShGs

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

  6. The Office of Civil Rights in the Department of Health and Human Services (HHS/OCR) used to do a fairly good job of protecting patients' sensitive information. They did this by enforcing the HIPAA security rules, and penalties for non-compliance included fines, mandatory compliance programs, and CEO liability.

    No longer.

    HHS/OCR has now been weaponized to enforce anti-DEI initiatives of the current administration. Here is the recent headline from HHS/OCR:

    "OCR Investigates a Major Medical School in California for Reportedly Prioritizing Discriminatory Race-Based Criteria over Academic Merit"

    Right. What nonsense. Welcome aboard - your pilot is Dangerous and your Co-pilot is Stupid. Have a good flight.

    This will not be good.

    #HIPAA #HHS #HHSOCR

  10. DATE: March 25, 2025 at 05:35PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSOCR Launches New Round of @HIPAA @ComplianceAudits t.co/H1mTSpm4G3 #HHSOCR

    Here are any URLs found in the article text:

    t.co/H1mTSpm4G3

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

  11. Breach notifications needed to be made faster in 2024. Instead, they were made more slowly.

    Some findings from #Bluesight 2025 Breach Barometer report plus additional observations and my frustration with #HHSOCR for not enforcing the notification requirements in #HIPAA and #HITECH.

    databreaches.net/2025/03/13/br

    #databreach

  16. So... apart from the fact that I don't think they should have dropped charges against this doctor, is HHS going to investigate why the hospital gave access to patient data to a former employee/resident who no longer worked there and was never these patients' doctor?

    US Justice Department drops case against Texas doctor charged with leaking transgender care data:
    wfaa.com/article/news/local/us

    #HealthSec #HIPAA #SecurityRule #databreach #privacy #confidentiality #insiderthreat #HHS #HHSOCR

  21. HHS OCR settles charges that Inmediata Health Group was exposing patient protected health info online for 3 years due to a webpage error.

    Inmediata previously settled a class action lawsuit stemming from the 2016-2019 leak. They also settled a lawsuit by 33 state attorneys general last year. The HHS OCR settlement was for $250k monetary penalty; no corrective action plan was needed since the states' settlement already included a corrective action plan.

    Direct link to the resolution agreement:

    hhs.gov/hipaa/for-professional

    Press release: hhs.gov/about/news/2024/12/10/

    Inmediata even had trouble with their incident response, as noted on my blog at the time: databreaches.net/2019/04/30/in

    #HIPAA #HHSOCR #SecurityRule #Exposure #Databreach #dataleak #healthsec #Infosecurity

  26. #HHSOCR announced a $1.19M monetary penalty for Gulf Coast Pain Consultants stemming from a 2019 #databreach. Now we find out that the "third party" that accessed the data was a former contractor.

    The covered entity got hit with a fine for failure to:

    • conduct an accurate and thorough risk analysis to determine the potential risks and vulnerabilities to ePHI in its systems;
    • implement procedures to regularly review records of activity in information systems;
    • implement procedures to terminate former workforce members’ access to ePHI; and
    • implement procedures for establishing and modifying workforce members’ access to information systems.

    databreaches.net/2024/12/03/hh

    #HIPAA #HealthSec #SecurityRule #InsiderThreat #Access

  31. HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation under HIPAA Security Rule for $250,000 - September 26, 2024

    hhs.gov/about/news/2024/09/26/

    This stemmed from a March 2017 #ransomware attack and #databreach affecting Cascade Eye & Skin Centers in WA. #HHSOCR became aware of it in May 2017.

    Why did it take 7+ years to resolve this?

    And btw, I never knew about this breach and even now, cannot find any major media coverage or disclosure of it at the time. And it never showed up on HHS's public breach tool during all this time. Why didn't it show up if it affected 291,000?

    This is HHSOCR's 4th ransomware-related investigation under the #HIPAA Security Rule.

    @brett @campuscodi
