HIPAA Journal reports:
HIPAA Danville, PA-based Geisinger Health Plan has discovered the protected health information (PHI) of some of its members has been exposed as a result of a suspected phishing attack on one of its business associates, Magellan NIA.
Magellan NIA provides radiology benefits management services to the health plan, which requires access to plan members’ PHI.
Read more on HIPAA Journal. They did not know how many Geisinger plan members were impacted. Neither does this site, but Magellan reported 55,637 impacted and National Imaging Associates reported 539 impacted when they filed reports with HHS on September 17. It’s just not clear how many covered entities were included in those figures.