May 2020 saw a marked fall in the number of reported healthcare data breaches compared to April, with 28 data breaches of 500 or more records reported to the HHS’ Office for Civil Rights.
March 2020 saw a 7.69% month-over-month decrease in the number of reported healthcare data breaches and a 45.88% reduction in the number of breached records.
In January, healthcare data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil Rights at a rate of more than one a day.
A hacker gained access to the systems of a NY-based billing collections company American Medical Collection Agency and potentially viewed and copied the PHI of 11.9 million Quest Diagnostics patients.
Medical Informatics Engineering, Inc. has paid $100,000 to the Office for Civil Rights, and has agreed take corrective action to settle potential violations of the HIPAA Privacy and Security Rules.
Touchstone Medical Imaging has agreed to pay $3,000,000 to OCR, and to adopt a corrective action plan to settle potential violations of the HIPAA Security and Breach Notification Rules.
OCR’s final settlement of the year occurred in December 2018, when Cottage Health agreed to pay $3 million to OCR and to adopt a substantial corrective action plan to settle potential violations.