HIPAA Clicks https://hipaaclicks.com Daily HIPAA News, HIPAA RSS Feeds, HIPAA Information Mon, 13 Jul 2020 12:44:56 +0000 en-US hourly 1 https://wordpress.org/?v=5.4.2 120316464 New Century Health Achieves NCQA Accreditation in Utilization Management – StreetInsider.com https://www.streetinsider.com/Business+Wire/New+Century+Health+Achieves+NCQA+Accreditation+in+Utilization+Management/17106013.html Mon, 13 Jul 2020 12:42:00 +0000 http://hipaaclicks.com/?guid=306344a16a212c2b27e71e175c7425b3 New Century Health Achieves NCQA Accreditation in Utilization Management  StreetInsider.com]]> 377021 Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed https://www.hipaajournal.com/benefit-recovery-specialists-hacked-and-phi-of-274837-individuals-exposed/ Mon, 13 Jul 2020 12:28:32 +0000 https://www.hipaajournal.com/?p=17934 The Houston, TX-based billing and collection company, Benefit Recovery Specialists, Inc., (BRSI) has announced it has discovered malware on its systems that may have allowed unauthorized individuals to view or obtain protected health information. The personal and protected health information (PHI) on BRSI systems had been provided to the company in its capacity as a […]

The post Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed appeared first on HIPAA Journal.

]]>
The Houston, TX-based billing and collection company, Benefit Recovery Specialists, Inc., (BRSI) has announced it has discovered malware on its systems that may have allowed unauthorized individuals to view or obtain protected health information.

The personal and protected health information (PHI) on BRSI systems had been provided to the company in its capacity as a business associate and included the PHI of current and former members and patients of its health plan and healthcare provider customers.

The malware was discovered on April 30, 2020 and an internal investigation was immediately launched. Third-party computer forensics specialists were engaged to help investigate the breach and determine the extent and scope of the attack. The investigation revealed an unauthorized individual had gained access to BRSI systems using stolen employee credentials. Once a foothold had been established in the network, the attacker downloaded malware.

The forensic investigators concluded that the attacker first gained access to BRSI systems on April 20, 2020 and had access to the systems until April 30, 2020. During that time, PHI was accessible and may have been exfiltrated. The substitute breach notice on the BRSI website makes no mention of the type of malware involved.

The types of sensitive data on the compromised parts of its systems included names, dates of birth, dates of service, provider names, policy identification numbers, procedure codes, and/or diagnosis codes. The Social Security numbers of some individuals were also potentially compromised.

The investigation into the breach concluded on May 29, 2020 and patients started to be notified on June 2, 2020. No evidence of misuse of individuals’ PHI was identified, but affected individuals have been told to be alert to the risk of identity theft and fraud and have been advised to carefully monitor their account and explanation of benefits statements for signs of misuse of their information. Based on the substitute breach notice, it does not appear that credit monitoring services are being offered to breach victims.

The incident has been reported to the Department of Health and Human Services’ Office for Civil Rights. The breach summary indicates 274,837 individuals have been affected, making this one of the largest healthcare data breaches to be reported in 2020.

The post Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed appeared first on HIPAA Journal.

]]>
377018
Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed https://www.hipaajournal.com/benefit-recovery-specialists-hacked-and-phi-of-274837-individuals-exposed/ Mon, 13 Jul 2020 12:28:32 +0000 https://www.hipaajournal.com/?p=17934 The Houston, TX-based billing and collection company, Benefit Recovery Specialists, Inc., (BRSI) has announced it has discovered malware on its systems that may have allowed unauthorized individuals to view or obtain protected health information. The personal and protected health information (PHI) on BRSI systems had been provided to the company in its capacity as a […]

The post Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed appeared first on HIPAA Journal.

]]>
The Houston, TX-based billing and collection company, Benefit Recovery Specialists, Inc., (BRSI) has announced it has discovered malware on its systems that may have allowed unauthorized individuals to view or obtain protected health information.

The personal and protected health information (PHI) on BRSI systems had been provided to the company in its capacity as a business associate and included the PHI of current and former members and patients of its health plan and healthcare provider customers.

The malware was discovered on April 30, 2020 and an internal investigation was immediately launched. Third-party computer forensics specialists were engaged to help investigate the breach and determine the extent and scope of the attack. The investigation revealed an unauthorized individual had gained access to BRSI systems using stolen employee credentials. Once a foothold had been established in the network, the attacker downloaded malware.

The forensic investigators concluded that the attacker first gained access to BRSI systems on April 20, 2020 and had access to the systems until April 30, 2020. During that time, PHI was accessible and may have been exfiltrated. The substitute breach notice on the BRSI website makes no mention of the type of malware involved.

The types of sensitive data on the compromised parts of its systems included names, dates of birth, dates of service, provider names, policy identification numbers, procedure codes, and/or diagnosis codes. The Social Security numbers of some individuals were also potentially compromised.

The investigation into the breach concluded on May 29, 2020 and patients started to be notified on June 2, 2020. No evidence of misuse of individuals’ PHI was identified, but affected individuals have been told to be alert to the risk of identity theft and fraud and have been advised to carefully monitor their account and explanation of benefits statements for signs of misuse of their information. Based on the substitute breach notice, it does not appear that credit monitoring services are being offered to breach victims.

The incident has been reported to the Department of Health and Human Services’ Office for Civil Rights. The breach summary indicates 274,837 individuals have been affected, making this one of the largest healthcare data breaches to be reported in 2020.

The post Benefit Recovery Specialists Hacked and PHI of 274,837 Individuals Exposed appeared first on HIPAA Journal.

]]>
377017
Three Privacy Enhancing Techniques That Can Bolster the COVID-19 Response – Datanami https://www.datanami.com/2020/07/13/three-privacy-enhancing-techniques-that-can-bolster-the-covid-19-response/ Mon, 13 Jul 2020 12:10:29 +0000 http://hipaaclicks.com/?guid=dbf9325aa54baa9e4ea85f756a3c31ca Three Privacy Enhancing Techniques That Can Bolster the COVID-19 Response  Datanami]]> 377015 InterMed Announces New InterAid Triage and Telemedicine Programs – AiThority https://aithority.com/technology/life-sciences/intermed-announces-new-interaid-triage-and-telemedicine-programs/ Mon, 13 Jul 2020 11:37:47 +0000 http://hipaaclicks.com/?guid=d6a3d582733a822138072814d44a37d0 InterMed Announces New InterAid Triage and Telemedicine Programs  AiThority]]> 377011 The 20 MSP Achieves HIPAA Compliance with Compliancy Group – PR Web https://www.prweb.com/releases/the_20_msp_achieves_hipaa_compliance_with_compliancy_group/prweb17250994.htm Mon, 13 Jul 2020 11:02:38 +0000 http://hipaaclicks.com/?guid=c7cfd678f3de004de5abc701aa604b67 The 20 MSP Achieves HIPAA Compliance with Compliancy Group  PR Web]]> 377024 The 20 MSP Achieves HIPAA Compliance with Compliancy Group – PR Web http://www.prweb.com/releases/the_20_msp_achieves_hipaa_compliance_with_compliancy_group/prweb17250994.htm Mon, 13 Jul 2020 11:00:49 +0000 http://hipaaclicks.com/?guid=fa8214a255c839bff64b3b8978e02bdf The 20 MSP Achieves HIPAA Compliance with Compliancy Group  PR Web]]> 377008 InterMed Announces New InterAid Triage and Telemedicine Programs – PRNewswire https://www.prnewswire.com/news-releases/intermed-announces-new-interaid-triage-and-telemedicine-programs-301091709.html Mon, 13 Jul 2020 10:00:00 +0000 http://hipaaclicks.com/?guid=24ed513c47eed83e644b547a01ff2752 InterMed Announces New InterAid Triage and Telemedicine Programs  PRNewswire]]> 377006 Personal privacy – Does the pandemic change the rules? – Healthcare IT News https://www.healthcareitnews.com/news/europe/personal-privacy-does-pandemic-change-rules Mon, 13 Jul 2020 09:24:34 +0000 http://hipaaclicks.com/?guid=74f3f86733866019e3b42adcf1723ba2 Personal privacy – Does the pandemic change the rules?  Healthcare IT News]]> 377001 Ashland restaurant enforcing mask mandate – WYMT https://www.wymt.com/2020/07/13/ashland-restaurant-enforcing-mask-mandate/ Mon, 13 Jul 2020 06:08:13 +0000 http://hipaaclicks.com/?guid=10b8acfc4d3676c71c5503c97ca2f916 Ashland restaurant enforcing mask mandate  WYMT]]> 376994