I’m not sure what it might take to get a real shift in how entities approach security of employee email accounts. Despite known risks of phishing and hacks, a tremendous amount of personally identifiable information (PII) and protected health information (PHI) resides in emails or email attachments in employee accounts. Read the following chronology provided…
Category: Health Data
Georgia hospital claims it is investigating medical records theft, suspends employees
Laura Dyrda reports that Landmark Hospital of Athens in Georgia is investigating the theft of medical records and on June 19 suspended three employees who may have been involved. But there’s likely a lot more to this story than employees stealing medical records. Four nurses at that hospital have filed a lawsuit against the hospital accusing…
Ca: Security lapses in eHealth system increased risk of cyberattack, says auditor
Arthur White-Crummey reports: After finding numerous security gaps on laptops, tablets and smartphones connected to the eHealth system, Saskatchewan’s provincial auditor warned they could increase the risk of cyberattacks like the one that compromised sensitive personal information late last year. Judy Ferguson’s office identified unencrypted devices, inappropriate security settings, unrestricted USB ports and untrained staff…
CHI St. Luke’s Health Memorial Lufkin notifies patients of April security incident
June 22 — CHI St. Luke’s Health-Memorial Lufkin announced today that it has taken action after becoming aware of an incident that took place on April 23, 2020 in which an unapproved third party gained access to patient information. Though we have no evidence to confirm that information was actually viewed or obtained by the…
Florida Orthopedic Institute hit by ransomware
Florida Orthopedic Institute has notified the California Attorney General’s Office of a ransomware attack on April 6. Their notification does not indicate what type of ransomware was involved, or whether they paid any ransom. They are offering their patients identity monitoring services with Kroll, but note that they have no evidence that any patient data…
Ministry still tracing cause of Indonesia’s COVID-19 patient data leak
Antara News reports an update to a breach that first came to light when a data broker listed the data for sale on RaidForums. The Ministry of Communication and Informatics (Kominfo) currently continues to trace the reason behind the alleged hacking of a database containing information of the country’s COVID-19 patients that was circulated in…