February 20, 2020

January 2020 HIPAA Breaches

OCR’s Breach Portal indicated that 32 breaches occurred in January 2020 affecting over 500,000 individuals. One breach, involving California not-for-profit, PIH Health (PIH), affected close to 200,000 patients. In June 2019, PIH learned that certain employee email accounts had potentially been accessed without authorization because of a targeted email phishing campaign. PIH conducted an investigation with the assistance of an independent cybersecurity expert and confirmed that certain employee email accounts had been accessed without authorization during a one-week period in June 2019.