Russell Myers reports: A hospital worker at the private clinic where the Princess of Wales had abdominal surgery is set to face a criminal prosecution following an investigation into claims that the Princess' medical records had allegedly been accessed by staff in 2024, it is understood. A total of three trusted employees, who worked at The... Source
Do you remember the horrific American Medical Collection Agency (Retrieval-Masters Creditors Bureau Inc.) breach in 2019? You can refresh your memory by scrolling through the Related posts below this one, but TL;DR: LabCorp was one of AMCA's clients that was affected by the breach, and in July 2019, they notified HHS that 10,251,784 patients had... Source
In July 2025, the Nova ransomware gang stole cervical cancer screening data on 850,000 women held by Clinical Diagnostics ("Eurofins"). The lab paid them an undisclosed ransom amount, but that has not been the end of the lab's problems. In May 2026, the Dutch Health and Youth Care Inspectorate concluded that the laboratory had failed... Source
NHK News reports: Japan's National Hospital Organization says hard drives from two hospitals in Hokkaido were listed on auction sites, resulting in a leak of personal information from at least 180,000 patients and employees. The group warns that the leak could potentially affect up to 510,000 people. Last June, the Hokkaido Medical Center — part... Source
Mason Lewsey reports: Thousands of Essex patient records were compromised in a cyber attack linked to a major NHS data breach, MSE has confirmed. Mid and South Essex NHS Foundation Trust revealed that around 2,380 patient test records were stolen in the attack, which affected data held by third-party provider Synnovis. The trust operates Southend... Source
Comprehensive draft-vs-final redline analysis, sector-specific readiness assessments, and a comment-letter database covering every public submission. Free for any practice that needs it.
A 24-month read of OCR filings across 1,847 dental, optometry, and chiropractic incidents reveals a single shared failure mode — and three controls that consistently break the chain.
A field study with anonymized network traffic across 40 practices. The median count surprised even the practices themselves — and only 9 of those 27 had current BAAs.
A Dark Reading analysis of the INC ransomware group finds the threat actor targets pressure-sensitive sectors like healthcare by executing well-understood attack techniques that basic controls would stop.
Analysis of the INC ransomware group shows it has sustained its campaign by focusing on sectors where service disruption creates immediate payment pressure, with healthcare a consistent target.
Analysis of the INC ransomware group shows it deliberately targets sectors where operational disruption creates immediate payment pressure, with healthcare near the top of that list.
Ransomware group FulcrumSec leaked data stolen from pharmaceutical manufacturer Novo Nordisk after a $25 million extortion demand was not met, exposing supply-chain risk for US healthcare partners.
HIPAA Pulse is a publication from Patient Protect, the HIPAA compliance platform built for independent healthcare practices. We cover breaches, OCR enforcement, regulatory developments, and tactical guidance for the people who actually have to comply with the rule. The breach data, regulatory tracking, and pattern analysis are useful regardless of what software you use.