The HIPAA Journal

The Washington-based employee benefits administrator Navia Benefit Solutions has disclosed a data breach that affected almost 2.7 million individuals. Washington State Health Care Authority has confirmed that it was one of the affected clients. zurl.co/rcq2K

Essen Medical Associates Agree to $4 Million Settlement to Resolve Class Action Data Breach Lawsuit zurl.co/DACxe

The U.S. Food and Drug Administration has issued a class 2 device recall for certain GE Centricity Universal Viewer Software versions due to a vulnerability that could be exploited to impact system availability or manipulate data. zurl.co/SNFjy

Final Rule Implementing HIPAA Security Rule Updates Edges Closer zurl.co/gyY8w

CISA has advised U.S. organizations to follow Microsoft guidance for hardening security for the Intune endpoint management tool following the data wiping attack on the medical technology firm Stryker. zurl.co/PRoqg

GuardDog Telehealth Admits Improper Access to Medical Records zurl.co/dcBBR

Trinity Health and University of Pittsburgh Medical Center are notifying patients about potential unauthorized access to patient data by third parties via a Health Information Exchange (HIE). zurl.co/NWNgx

Data breaches have recently been reported by Cedar Valley Services and Health Dimensions Group in Minnesota, and Community Nurse in Massachusetts. zurl.co/nV7n8

Data breaches have recently been announced by Delta Medical Systems in Wisconsin, Ansell Healthcare Products in New Jersey, and FuturHealth in California. zurl.co/1DNcU

CommonSpirit Health patients have been affected by a ransomware attack on a vendor of one of its business associates. The incident affected 19,027 Washington residents. zurl.co/2EA5d

Meadowlark Hills retirement community in Kansas and MedPeds Associates of Sarasota in Florida have announced data breaches. The Beast ransomware group has claimed responsibility for both attacks. zurl.co/h9YGE

A data breach has been announced by Tieu Dental Corporation in California. The Children’s Council of San Francisco has determined that more than 12,650 individuals have been affected by a ransomware attack. zurl.co/vkk4L

Orthopaedic Institute of Western Kentucky Patients Affected by Vendor Data Breaches zurl.co/cqYSY

Research on Email Security Identifies Top Security Risks in 2026 zurl.co/EaDOi #healthcare #cybersecurity #hipaa #compliance

Long Island Plastic Surgical Group Pays $2.6M to Settle Class Action Lawsuit Over BlackCat Ransomware Attack zurl.co/8uopq

Third Ransomware Negotiator Charged with Involvement with BlackCat Ransomware Group zurl.co/md9j5

Proliance Surgeons Settles Data Breach Litigation for $4,450,000 zurl.co/UrnYK

ID Care in New Jersey and Barrio Comprehensive Family Health Care Center (CommuniCare) in Texas have confirmed that patients’ personal and protected health information have been compromised in recent data security incidents. zurl.co/tXkyZ

Iran Linked Hacking Group Wipes Data of U.S. Medical Device Manufacturer zurl.co/rVMYP

Centerwell, a provider of senior healthcare services in 30 U.S. states, has experienced a cyberattack and data breach. Lakeside Pediatric & Adolescent Medicine has recently notified individuals affected by an October 2024 data breach. zurl.co/aLiaP