Health Data – Page 30 – DataBreaches.Net

Anna Jaques Hospital notifies 316,300 people about 2023 ransomware attack

Posted on December 7, 2024 by Dissent

On Christmas, December 2023, Anna Jaques Hospital (AJH) in Massachusetts was grappling with a cyberattack that knocked out their EHR system and resulted in them having to divert ambulances to other area hospitals. On January 23, they posted a preliminary website notice (archived) about the attack. That notice was posted four days after threat actors…

Veterans Affairs’ Nurse Charged With Unlawfully Accessing Patient Health Information

Posted on December 6, 2024 by Dissent

Here’s today’s reminder of the insider threat. It’s a shame they don’t explain how the employee was able to access the patient’s information or why it was accessed. From the U.S.A.O. of the Western District of Michigan: GRAND RAPIDS – U.S. Attorney for the Western District of Michigan Mark Totten today announced that Jessica Nicole Pitcher,…

HHS OCR Imposes a $548,265 Penalty Against Children’s Hospital Colorado for HIPAA Violations

Posted on December 5, 2024 by Dissent

Not all monetary penalties are for breaches affecting large numbers of patients. In this case, HHS imposed a penalty on an entity that had breaches in both 2017 and 2020. DataBreaches notes that the 2017 incident affected 3,370 patients, and the 2020 incident affected 2,553 patients — as reported to HHS at the time. Today,…

Change Healthcare Data Breach Settlement Talks To Be Explored Early in MDL

Posted on December 3, 2024 by Dissent

Irvin Jackson reports: Parties involved in the federal Change Healthcare data breach lawsuits have been ordered to meet separately with a U.S. Magistrate Judge over the next two months, to discuss the most effective structure for settlement talks and the optimum timing for when negotiations should begin that may provide payouts to millions of Americans. The potential…

HHS Office for Civil Rights Imposes a $1.19 Million Penalty Against Gulf Coast Pain Consultants for HIPAA Security Rule Violations

Posted on December 3, 2024December 3, 2024 by Dissent

In April 2019, DataBreaches reported that Gulf Coast Pain Consultants, LLC d/b/a Clearway Pain Solutions Institute had recently notified patients after discovering on February 20 that their EMR system had been accessed by a third party without authorization. At the time, they disclosed that 35,000 patients had been affected but they did not indicate that…

Bolton Walk-In Clinic in Ontario: lock down your backup already!

Posted on December 3, 2024June 12, 2025 by Dissent

DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the dime. Bolton Walk-In Clinic in Ontario has a data protection policy that says: We are…