On April 11, Cornwall Community Hospital (CCH) in Ottawa reported some “network Issues” and for patients to expect some delays as they worked to restore systems. The hospital’s EHR system was not affected by the attack. On April 13, CCH said they had determined that the network issues were a “cyber incident” and external experts…
Category: Health Data
Lawsuit Claims Mount Nittany Health Shared Private Patient Information with Facebook, Google (update1)
Geoff Rushton reports: A lawsuit filed in Centre County Court this week alleges that Mount Nittany Health violated medical privacy rights by disclosing patients’ private information to Facebook, Google and other third-party websites without their knowledge. Ah. Another tracker lawsuit, right? What caught DataBreaches’ eye about this one was the following: … Mount Nittany has…
Patient Advances Data Breach Class Action Against Lamoille Health
Christopher Brown reports: Lamoille Health Partners Inc. must face a proposed class action alleging it negligently failed to protect the personal information of 60,000 people that was exposed in a data breach. Lamoille Health wasn’t entitled to immunity from suit under the Public Health Service Act because the lawsuit’s data breach allegations weren’t interwoven with…
Retina & Vitreous of Texas notifies 35,766 patients of ransomware attack but doesn’t call it one
On April 10, Retina & Vitreous Associates of Texas issued a press release about a security incident discovered in February. They write, in part, “On February 1, 2023, Retina & Vitreous became aware of unusual activity within its network and discovered that there had been unauthorized access to the environment…… On February 15, 2023, the investigation…
Looks like Karakurt is back… (Update 1)
And they have added two medical entities to their leak site today — Medicalodges in Kansas and Petaluma Health Center in California. They provide no proof for either claim, and neither entity has any notice on their respective sites about any incident, so for now, these are unconfirmed claims. Update 1: DataBreaches received a statement…
HHS Office for Civil Rights Announces the Expiration of COVID-19 Public Health Emergency HIPAA Notifications of Enforcement Discretion
Notifications of Enforcement Discretion expire at 11:59 pm on May 11, 2023 Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announces that the Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health…