Two breaches involving unauthorized access have led to notifications in recent weeks.
In the first, Reliant Rehabilitation Hospital of North Houston notified HHS that there had been a breach involving its business associate, Computer Programs and Systems, Inc. According to the HHS listing, 763 individuals were affected by unauthorized access of email. The breach occurred on February 9. No notice or information appears on either the hospital’s web site of CPSI’s web site as of today’s date.
In the second incident, Preferred Health Partners notified the NYS Consumer Protection Board on April 13 that a breach involving unauthorized access affected 661 NYS residents. No notice appears on their web site as of today’s date and it is unclear from the log whether the breach involved patient information, employee information, or some combination.
While the above information is helpful in that neither breach was reported in the mainstream media, the types of information provided on HHS’s web site and the NYS Consumer Protection site do not provide sufficient detail to permit categorization and analysis of breaches. Hopefully, both HHS and NYS will consider providing more information on their public sites.