New York Attorney General Letitia James today announced a $600,000 agreement with EyeMed that resolves a 2020 data breach that compromised the personal information of approximately 2.1 million consumers nationwide, including 98,632 in New York state. EyeMed — which provides vision benefits to members of vision plans offered by both licensed underwriters and employers — experienced a…
Category: Health Data
WA: Patient info possibly disclosed in Spokane Health District data breach
Erin Robinson reports: The personal health information of more than 1,000 people may have been disclosed when staff at Spokane Regional Health District opened a phishing email. The data breach happened on December 21, 2021. SRHD Information Technology staff were immediately alerted and discovered files containing client-protected health information may have been “previewed” by the…
St. Lucie’s County Drug Screening Lab notifying more than 14,500 people after discovering multi-year misconfiguration of web portal
St. Lucie’s County Drug Screening Lab offers a variety of types of drug screening St. Lucie, Martin, Okeechobee and Indian River Counties. Juvenile & Adult Drug Screens Court Related Drug Screens Parent Visitation Screens (parent tests before & after visitation!) Random Drug Screens Pre-employment Drug Screens Employee Drug Screens (reasonable suspicion) Student, Cadet & Athlete Screens Teenager Screens (test your teen to…
Proposed settlement reached in lawsuit against Excellus
One year after Excellus settled with OCR over a 2015 data breach, there is now a proposed settlement in a class action lawsuit that was filed in response to the breach. The terms of the settlement, which have not yet been approved by the court, do not involve paying even one dime to class members….
University of Arkansas for Medical Sciences notifying 518 patients after employee emailed PHI to her personal gmail account
Log Cabin Democrat reports: On Nov. 29, 2021, UAMS became aware that a former employee sent emails from her UAMS email to her personal Gmail account with patient information attached on November 15, 2021, while still employed with UAMS. The attachments consisted of Excel spreadsheets used for internal billing compliance auditing purposes and/or billing statements…
Revised Health Breach Notification Rule resources spell out companies’ legal obligations
Lesley Fair writes: Shoppers can find a plethora of apps, trackers, and sensors that hold or capture almost every conceivable form of personal health information. If your business or nonprofit offers products like that or provides certain services to entities that do – and you aren’t subject to HIPAA – you may be covered by…