EVERSANA, a global commercial services provider to healthcare entities, has disclosed a data breach that occurred between between April 1 and July 3, 2019. The breach reportedly affected patient data stored in a legacy technology environment, which has since been updated. According to their notification, “Upon notification of unusual email activity, the firm immediately conducted…
Category: Health Data
Criminal investigation launched into breach of confidential patient records at Rand Memorial Hospital
The Public Hospitals Authority for the Bahamas issued the following: The Public Hospitals Authority (PHA) has launched a criminal investigation into the leak and dissemination on social media of a purported confidential document pertaining to clients of the Grand Bahama Health Services. The PHA has been assured that the matter which is now in the…
Alert from OCR: Individual Posing as OCR Investigator
From OCR, this alert: It has come to OCR’s attention that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI). The individual identifies themselves on the telephone as an OCR investigator, but does not provide an OCR complaint transaction number or any other…
Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
Microsoft is doing its bit to help hospitals and care facilities to protect themselves from human-operated ransomware attacks. In a blog post published today, they write, in part: While a wide range of adversaries have been known to exploit vulnerabilities in network devices, more and more human-operated ransomware campaigns are seeing the opportunity and are jumping on…
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
Cynthia J. Larose and Natalie Prescott of Mintz discuss a lawsuit previously noted on this site: Fuentes v. Sunshine Behavioral Health Group, LLC. The lawsuit followed a data leak of PHI due to a misconfiguration of a database. The leak was first reported by DataBreaches.net who had alerted the entity to their leak. I’m going…
American HomePatient Data Breach Class Action Settlement
Top Class Actions reports: American HomePatient has agreed to pay $1 million to resolve claims that they failed to protect patient data in a burglary incident. The settlement benefits current or former patients and customers of American HomePatient Inc. and Lincare Holdings Inc. whose personal identifying information was stored on the unencrypted hard drives stolen…