DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Fresno physician notifying patients after office burglary

Posted on August 3, 2015 by Dissent

Lawyers for Olartino Dyoco, M.D., a physician in California, are notifying his patients that some of their information was on computers stolen during an office burglary. The burglary was discovered on June 2. The stored billing information included:

Names and addresses,  birth dates, telephone numbers, insurance numbers, treatment codes, and billing information”

The incident was reported to the Fresno Police Department; their report number 15-38894.

The notification letter, a copy of which was submitted to the California Attorney General’s Office, makes a somewhat interesting claim, however:

The circumstances that resulted in this breach were unforeseeable,

Why?

In any event, according to his lawyers, Dr. Dyoco

has heightened procedures and safeguards to prevent a recurrence of this situation. He added levels of encryption to his computer systems, and advised his staff with regard to security training anything to avoid this situation in the future.

“Added levels of encryption?” Was there any encryption at all? If there was encryption but it was not NIST-grade, then he would have had to report this, but it’s not clear from the letter whether there was any encryption to begin with.

Patients (or their parents) having questions can call the doctor’s lawyer, Christian Koster, of Schuering Zimmerman & Doyle, LLP, at the toll-free number provided in the notification letter.

Comment:

All in all, this letter would have come across much better, in my opinion, if it had been written as coming directly from the doctor, with an apology coming directly from him for the inconvenience and worry his patients may now experience. What do you think?

 

Category: Health DataTheftU.S.

Post navigation

← Tremco, Inc. notifying employees about lost laptop
IL: Batavia Container sues former employee for trade secrets theft →

2 thoughts on “Fresno physician notifying patients after office burglary”

  1. Leighann Ford says:
    August 4, 2015 at 10:37 am

    I also found the “heightened procedures and safeguards” interesting. With the exception of requiring employees to take laptops home each night or lock them to their desk, how would Security Training prevent a burglary in the future?

    And shouldn’t credit monitoring have been mentioned since billing info was potentially accessed?

    1. Dissent says:
      August 4, 2015 at 12:30 pm

      Credit monitoring isn’t necessary unless SSN are involved. If it’s card numbers/bank acct numbers that were stored, then just call the bank and alert them so they can cancel the acct and reissue new number, or they can flag the account to watch for suspicious activities.

      That said, it would have been helpful for the notification to indicate what types of billing info were involved and to advise patients more specifically as to what steps to take.

      Also, what about the risk of medical identity theft if insurance numbers were stored with names and DOB? Where’s the mitigation/advice for that risk?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.