Barrow County in Georgia issued a breach notice about a breach of its email environment that occurred between March and August of 2022. Its notification, posted on its website, states, in part: The type of information at issue varied for each individual, but included a variation of the following: name; date of birth, Social Security…
Category: Health Data
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000
HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Four senior residences in Pennsylvania disclose a data security breach in April
Four senior residences have disclosed that they were the victims of a network intrusion in April that may have compromised residents’ personal and protected health information. Senior Choice, Inc., dba The Atrium in Johnstown, Beacon Ridge in Indiana, and The Patriot in Somerset reported an incident that occurred between April 18 and April 23. The…
Former Highmark employee accused of misusing customer info to steal money from their health savings accounts
Jillian Hartmann of WPXI reports on an insider-wrongdoing case that has affected 8 customers of Highmark Health: Allegheny County District Attorney’s office charged Zakayah Scott who worked remotely from South Carolina for Highmark Health. Authorities said Scott had access to customers’ personal information including birthdays, addresses and phone numbers. They said she called Highmark’s customer…
Two apprehended in CoWin portal data leak case
IANS reports: In a major breakthrough, the Delhi Police Special Cell has apprehended a man and a juvenile from Bihar in connection with the alleged data leak from the CoWin portal, the Centre’s official platform for Covid-19 vaccination registration and certification. According to police sources, the adult man, whose identity has been withheld pending further…
Vincera Institute notifies patients after ransomware attack
Vincera Institute in Philadelphi is notifying patients of a ransomware incident that occurred on April 29. From their press release, below, it sounds like they have not confirmed nor ruled out unauthorized access, exfiltration, or misuse of data. Vincera reported the incident to HHS on June 20 as four entities: Vincera Core Physicians reported that…