Cybercriminals and other hackers can still find ways around what Microsoft Outlook said was a fix for a vulnerability, according to Wired.

Elizabeth (Colo.) Family Health began notifying 28,375 patients Nov. 22 of a security incident that may have exposed patient information.

Medical billing and coding provider Healthcare Administrative Partners is notifying 17,693 patients of a data breach that may have exposed their protected health information.

A patient filed a class-action lawsuit Nov. 29 against Solara Medical Supplies, claiming his personal and medical information is at risk after a data breach at the device company, according to GovInfoSecurity.

Despite the fact that the partnership between Google and St. Louis-based Ascension to gather and share patient data may meet the guidelines of HIPAA, it doesn't mean that healthcare leaders shouldn't be cautious, according to a Harvard Business Review article by David Blumenthal, MD, president of the Commenwealth Fund.

Beaver, Pa.-based Heritage Valley Health System has filed a lawsuit against Nuance over a 2017 malware attack that caused major disruption at the system, according to the Pittsburgh Post-Gazette.

Omaha-based Nebraska Medicine began notifying patients Dec. 3 of a security incident that may have exposed their protected health information, according to local NBC affiliate WOWT.

Numerous privacy incidents at hospitals, IT suppliers and other healthcare organizations captured public attention throughout 2019.

The Virginia Department of Health is reminding consumers that they should not use third-party services to obtain their vital records, according to local ABC affiliate 13 News Now.

Irving, Texas-based Choice Cancer Care Treatment Center is notifying 14,673 patients of a data breach that may have exposed their protected health information.

Consumers' personal health information is vulnerable to access by third-party companies that track healthcare websites yet do not obtain direct consent from the individuals, according to a Dec.2 Tech Radar report.  

Flint, Mich.-based McLaren Health Plan began notifying members Nov. 27 of a phishing attack at one of the insurer's third-party vendors, according to mlive.com.

Norfolk, Va.-based Sentara Hospitals has agreed to pay the Office for Civil Rights $2.175 million to settle alleged HIPAA violations, according to a Nov. 27 news release.

Numerous privacy incidents at hospitals, IT suppliers and other healthcare organizations captured public attention last month.

Minneapolis-based Children's Minnesota recently notified 37,942 patients about a system error that may have exposed their protected health information.

North Platte, Neb.-based Great Plains Health is working to restore its email, EHR and other computer services after being targeted in a ransomware attack Nov. 25, according to local NBC affiliate KNOP.

St. Louis-based Ascension and Google have made headlines over the past few weeks over Project Nightingale," an initiative designed to gather patient data to create healthcare solutions.

Google has terminated four employees for allegedly sharing sensitive information, including details of medical appointments, according to a memo confirmed by CNBC.

Staff at more 110 nursing homes and acute-care facilities have been unable to access patient records since Nov. 17 after internet security and data storage services provider Virtual Care Provider was hit with a ransomware attack, according to the Milwaukee Journal Sentinel.

Cape Girardeau, Mo.-based Saint Francis Healthcare System began notifying patients Nov. 20 about a ransomware attack at the system's Ferguson Medical Group.