Cybersecurity

Ransomware cyber attacks have been a prominent threat to the healthcare industry. In this case, First Choice Dental, a large dental practice with multiple locations across Wisconsin, was targeted by hackers in October 2023. The hackers gained access to sensitive information including patient names, dates of birth, Social Security numbers, passport numbers, driver’s license numbers

An article in the August issue of Healthcare Risk Management, “DOJ Targeting Healthcare for False Claims Act Enforcement,” discussed recent enforcement activity by the U.S. Department of Justice (DOJ) under the False Claims Act (FCA). Rivkin Radler’s Jeff Kaiser was quoted in the article.

Jeff predicted that the FCA will continue to

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced another settlement for alleged violations of HIPAA. OCR investigated BayCare Health System, which serves central Florida, after a patient complained to OCR in 2018 that her medical record was accessed by an unauthorized individual.

The patient told OCR that she

The U.S. Department of Justice (DOJ) announced on February 18 that Health Net Federal Services, LLC and its corporate parent, Centene Corporation, agreed to pay $11,253,400 to resolve False Claims Act (FCA) claims. Health Net, a federal contractor responsible for administering TRICARE, allegedly falsely certified compliance with cybersecurity requirements in its contract with the U.S.

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) imposed a $240,000 civil monetary penalty against Providence Medical Institute in connection with a ransomware attack that revealed vulnerabilities in the Institute’s systems and potential HIPAA violations.

The Institute was the victim of a series of ransomware attacks in 2018 that compromised

An article in the September issue of Healthcare Risk Management’s HIPAA Regulatory Alert, “Hospital Terminates Employees for Allowing Another to Do Their Jobs,” discussed a recent incident at Mass General Brigham in Somerville, MA. Upon investigation, the hospital discovered that two employees inappropriately allowed a third person, who was not a hospital

The Office of the New York State Attorney General announced on August 13 that Letitia James, along with the Attorneys General of Connecticut and New Jersey, fined Enzo Biochem, Inc. $4.5 million for failing to adequately safeguard its patients’ health data.

Enzo conducts drug research and development, and provides diagnostic services. In 2023, hackers accessed

On July 1, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that Heritage Valley Health System, a provider in Pennsylvania, Ohio and West Virginia, agreed to pay $950,000 to resolve potential violations of the HIPAA Security Rule. Heritage Valley’s alleged violations included failure to conduct a risk analysis to

On Thursday, June 13, in the next installment of Rivkin Radler’s Healthcare Compliance Lunch & Learn series, Rivkin Radler partner Ashley Algazi will present ”Conducting HIPAA Breach Assessments and Disclosures: Requirements and Tips for Success.”  The program will take place from 12:00 noon to 1:00 PM Eastern time via Zoom.

Some of the topics covered

Rivkin Radler’s Frank Izzo and Jeff Ehrhardt authored an article in the Spring 2024 issue of USLAW magazine, “New York Joins List of States Prohibiting Geofencing Near Healthcare Facilities.” The article discussed geofencing laws, enacted partly in response to the Supreme Court Dobbs decision, in depth by state.

Sign up to receive Rivkin Rounds at