And as this work week drew to a close, we also learned about these breaches involving patient data that were reported to HHS earlier this month: Dialyze Direct, LLC in New Jersey notified HHS that 14,203 patients were impacted by an incident they coded as a hacking/IT incident involving email. There is no statement on…
Category: Health Data
WVa: Wheeling Health Right victim of ransomware attack
From the notice on their website: Notice Regarding Recent Data Breach What Happened? On January 18, 2022, Wheeling Health Right discovered that our organization was victimized by a ransomware attack that encrypted our systems. Upon discovery of the security incident, we engaged legal counsel and a data breach remediation firm to conduct an investigation into…
HIPAA’s Role in Setting Good Security
Matt Fisher writes: The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack? The primary answer is…
Health insurance: Data of more than 500,000 people stolen in France
Hannah Thompson reports: The health data of more than half a million people in France have been stolen from insurance body l’Assurance maladie after the accounts of healthcare staff were hacked. The 19 accounts, mainly belonging to pharmacists, were hacked after their email addresses were compromised. Data stolen include the names, surnames, date of birth,…
OCR Cybersecurity Newsletter: Defending Against Common Cyber-Attacks
From OCR’s newsletter today: Throughout 2020 and 2021, hackers have targeted the health care industry seeking unauthorized access to valuable electronic protected health information (ePHI). The number of breaches of unsecured ePHI reported to the U.S Department of Health and Human Service’s Office for Civil Rights (OCR) affecting 500 or more individuals due to hacking…
Arkansas AG Sues Defunct Health Provider for Mishandling Patient Records
Scott Carroll reports: Arkansas Attorney General Leslie Rutledge on Thursday announced a lawsuit against the defunct Eastern Ozarks Regional Health for failing to protect sensitive patient information after it closed. The former hospital in Cherokee Village is accused of leaving behind thousands of unsecured patient and employee records that contain social security numbers, driver’s license…