Home » CTEK in the News » Judge rules MD Anderson must pay $4.3M for HIPAA violations

× Share this Article

Facebook
Twitter
Email
LinkedIn

Judge rules MD Anderson must pay $4.3M for HIPAA violations

June 19, 2018 Mayuri Kumar

Share this Article
Facebook
Twitter
Email
LinkedIn

An HHS administrative law judge has ruled that MD Anderson Cancer Center violated HIPAA and must pay $4,348,000 to the HHS Office for Civil Rights.

The violations date back to three separate breach reports in 2012 and 2013. The incidents involved the stealing of an unencrypted laptop from an MD Anderson employee’s residence, as well as the loss of two unencrypted USB thumb drives holding the unencrypted ePHI of more than 33,500 people.

David Holtzman’s commentary on the MD Anderson HIPAA violation was featured in MedCity News article. Click here to read more.

MD Anderson Cancer Center Fined $4.3 M For Data Breach

Planning to Fail? And Did You Know?

Most Recent Articles

Hive is a new & potentially devastating type of ransomware. Here’s what you need to know.

Ben Denkers, EVP of operations at CynergisTek, breaks down what hive ransomware is and how damaging it can be in this article.

Alleged HVAC Hack Shines Spotlight on OT Risks to Healthcare

David Finn, Executive Vice President at CynergisTek, offers commentary for this piece which discusses the recent targeted attack on HVAC.

Why It's Time to Reassess IAM in Healthcare

David Finn offers commentary for this piece, which covers unique operational requirements and the different segments of healthcare that can also face different difficulties with IAM.

CMMC and the Cyber Future of America's Defense Industrial Base

In this Interview, Caleb Barlow discusses CMMC and major defense contractors' future with cyber security.

Helping Healthcare Organizations Tackle Cybersecurity Threats

Ben Denkers, EVP of operations at CynergisTek, discusses CynergisTek's dynamic cybersecurity and privacy solutions to help our healthcare clients build an approach that responds every day.

CARES Act and changes to how substance use disorder records are shared

Marti Arvin, Executive Advisor at CynergisTek, shares her comments on the uncertain impacts of the changes to the CARES Act.

Four CMMC actions to take right now

Caleb Barlow discusses ways to improve CMMC readiness once the DoD comes knocking.

Classifying Critical Infrastructure – Caleb Barlow, CynergisTek

In this video, Caleb Barlow discusses what qualifies as critical infrastructure, and what’s getting left out.

Pipeline cyberattack raises concerns over critical U.S. infrastructure security

In this Interview, Caleb Barlow, CEO of CynergisTek discusses the recent pipeline cyberattack and how organizations can invest even more in cybersecurity to prevent an attack.

Scripps Health patients frustrated after May 1 cyber attack

Caleb Barlow, CEO of CynergisTek discusses the need for healthcare organizations to invest even more in cybersecurity, as well as the importance of multi-factor authentication.

ER Physician Association Hacked

Marti Arvin covers the American College of Emergency Physicians, which says a "malware" attack affected tens of thousands of the group's current and former members.

CynergisTek’s Barlow: We Need to Think About COVID-19 Data-Related Breaches Going Forward

Caleb Barlow provided commentary for this article, where he shares his perspectives about the recent breach at Atascadero State Hospital in California.

A look at Darkside ransomware. Ransomware attacks on schools are up. REvil hits Acer. California state employee exposes COVID patient data.

Caleb Barlow offers commentary on the recent story about a California state employee exposing the COVID-19 test and tracking data of more than two thousand people.

California breach highlights contact tracing data vulnerabilities

Caleb Barlow offers commentary on the recent story about a California state employee exposing the COVID-19 test and tracking data of more than two thousand people.

‘Accountability framework’ proposed to promote secure health care practices

David Finn covers a new report from the CyberPeace Institute highlighting the toll that cyberattacks are taking on the health care industry.

Data extortion attempts signal new era for ransomware tactics

Caleb Barlow covers a new report from Crowdstrike revealing that 97 healthcare organizations victimized by ransomware attacks using extortion in 2020.

Healthcare Cybersecurity Sets New Course of Action in 2021

Caleb Barlow discusses how the increase in cyberattacks compromises both patient safety and weakens trust in the healthcare sector and how they must implement a three-point action plan to change.

Cybercriminals post health system employee information online

Caleb Barlow details how a hacker group known for ransomware attacks posted sensitive employee files online following a cyberattack at a New Mexico health system.

Ransomware Attack's Economic Impact: $67 Million

Marti Arvin discusses ransomware attacks and other disruptive cyber incidents that have been surging in the healthcare sector, especially during the COVID-19 pandemic.

Workplace violence: Key considerations for healthcare entities

Marti Arvin discusses difficulties working in the healthcare industry and additional environmental stressors which can affect healthcare workers as well as patients and their families.

Return to Home

Insights Center

Judge rules MD Anderson must pay $4.3M for HIPAA violations

Previous Article

Next Article