Hoboken Radiology LLC in New Jersey issued a press release yesterday about an incident that began in June, 2019. The full text of the release is below the separator. DataBreaches.net has sent an inquiry to the practice asking them who informed them in November — was it law enforcement, a vendor, a researcher, or their…
Category: Health Data
Caravus impacted by Netgain Technology breach because vendor failure to destroy legacy data
I’ve continued to add updates to a post about the Netgain Technology breach. Keep in mind that the ransomware incident occurred in November, 2020, and since January, we have seen entities disclosing the incident. But one disclosure today is somewhat frustrating to read — and not just for the delay in notification, but for the…
NZ: New Zealand, hacker attack: Zeppelin ransomware blocks patient care at Waikato DHB
Marco A. De Felice writes: More than a week after the May 18 cyber attack, the computer systems of the Waikato District Health Board (Waikato DHB) have not yet been restored. Some scheduled surgeries in DHB’s five hospitals have been postponed, while non-urgent cases are postponed until all IT systems are back in operation. From…
Having your ePHI dumped on the dark web by threat actors doesn’t necessarily give you standing to sue
In May, 2020, Assured Imaging in Arizona experienced a ransomware attack that they revealed in August, 2020.The incident reportedly impacted 244,813 patients. The data dump by the Pysa threat actors contained a lot of ePHI that appeared to be mostly mammography pre-screening histories or forms with data types such as medical record number, names, addresses,…
Bengaluru civic body faces flak over data breach of Covid patients
Devina Sengupta&Akshatha M report: Covid-19 data records of those who have tested in Bengaluru were out in the public domain for some time, which is a clear violation of IT rules around data privacy and can lead to misuse of the information, experts have said. Free Software Movement of India, a coalition of organisations working on data privacy, on Tuesday…
AEON Clinical Laboratories (Peachstate) Pays $25,000 to Settle Potential HIPAA Security Rule Violations
Peachstate Health Management, LLC, doing business as AEON Clinical Laboratories (Peachstate), has agreed to pay $25,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. …