East House is a private, nonprofit agency in Rochester, New York that serves individuals with persistent mental illness and/or substance use disorder. Yesterday, they issued a press release about a breach: ROCHESTER, N.Y., Feb. 17, 2020 /PRNewswire/ — Although unaware of any actual or attempted misuse, East House is providing notice of a data privacy event impacting the…
Category: Health Data
Data breach at Monroe County Hospital & Clinics results in notification to 7,500 patients
Tyler J. Davis reports: More than 7,000 patients of a south-central Iowa medical system have been notified that their personal information may have been leaked in a data breach. Monroe County Hospital & Clinics said in a news release Monday that approximately 7,500 people were notified that the breach may have led to unauthorized access…
Wise Health updates its breach notification of last summer
In July 2019, this site noted that Wise Health in Texas had notified HHS about a HIPAA breach impacting 35,899 patients. The report concerned a phishing incident in March, 2019 that was discovered in April, 2019. Last week, Wise Health issued another press release, reproduced below. At first blush, it might sound like a new…
Threat Vector Number 1
Britton White is a cybersecurity & HIPAA Compliance advisor. The following article is reproduced with his kind permission. Email is the bane of our existence and the number one threat vector….. there’s no other way to say it. I’ve rummaged through over 30 hospitals and hundreds of clinics (some multiple times) in my time conducting…
Potential class action lawsuits filed against two more ransomware victims
On Thursday, I reported on a potential class action lawsuit that had been filed against two hospitals in Puerto Rico that suffered a ransomware attack. As I noted in my post, none of the named plaintiffs claimed that they had suffered any concrete injury or harm other than the cost and time involved in monitoring…
PSL Services in Maine notifies HHS, clients after discovering employee email accounts compromised
A press release from PSL Services in Maine (they are a HIPAA-covered entity): Peregrine Corporation d/b/a PSL Services (“PSL Services”) today announced that a recent event may have impacted the security of personal information relating to certain residents of Maine. While PSL Services is still in the process of identifying impacted individuals in order to…