Last year 1.7 million Oregon Medicaid patients had their Protected Health Information (PHI) compromised when hackers attacked Performance Health Technology (PH Tech) – a claims processor that serves community-based health plans.
PH Tech used the MOVEit file transfer program in its work, and a zero-day vulnerability in the MOVEit program allowed hackers to break into files held by PH Tech.
PH Tech is a HIPAA business associate and its customer, Health Share Oregon, is a covered entity.
- Do you know if you are a business associate or a covered entity?
- Do you have any vendors that are considered Business Associates under HIPAA?
- Does your HIPAA policy include up to date Business Associate Agreements with any qualifying vendors?
No responses yet