Finally, finally, FINALLY: exposed patient files from the Bolton Walk-In Clinic in Ontario have been secured. Now that the data is locked down, we can reveal more details about a seriously frustrating data leak that remained unsecured for at least 10 months while the clinic ignored all our notifications and alerts. It’s a story that…
Category: Health Data
Ontario health agency atHome ordered to inform 200,000 patients of March data breach
Isaac Callan and Colin D’Mello report that Ontario’s health minister is ordering atHome, a provincial agency, to immediately notify approximately 200,000 patients whose data may have been breached in a vendor’s cyberattack in March. There appears to have been a breakdown in what should have happened, as the Health Minister reported that atHome had failed…
Horizon Healthcare RCM discloses ransomware attack in December
Attacks on revenue cycle management (RCM) firms and debt collection firms often provide criminals with a wealth of personal and protected health information because successfully compromising one billing vendor may give access to the sensitive data of numerous covered entities or clients. Horizon Healthcare RCM (“Horizon”) in Indiana is the latest RCM to disclose that…
Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024 (1)
Texas Centers for Infectious Disease Associates (TCIDA) has now issued a press release and sent notification letters to patients affected by an attack they first discovered last July. According to their notice, on July 19, 2024, they learned of unusual activity in their network. Their investigation determined that an unauthorized individual may have accessed or…
Battlefords Union Hospitals notifies patients of employee snooping in their records
Today’s reminder of the insider threat comes to us from Battlefords Union Hospitals in Canada. Battlefords Now reports that between October 1, 2024 and April 4, 2025, an operating room scheduler accessed the MedAccess EHR system to look at personal and primary care medical information for hundreds of patients without a legitimate purpose. That same…
Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
Leela Stockley reports that a data security incident at a Northern Light Health vendor may have compromised some patients’ information. The vendor, Compumedics, provides sleep disorder diagnostic services for health system patients seen at Northern Light Eastern Maine Medical Center, Northern Light AR Gould, and Northern Light Sebasticook Valley Hospital. No report has appeared yet…