Nsikan Akpan has a report on PBS that is worth reading, especially now that I’ve gotten rid of their headline that I really really really didn’t think was accurate. Apkan starts by reminding us all how a ransomware attack on a hospital could have life-threatening consequences. But the main point of his piece is to…
Category: Health Data
Geisinger Health Plan Notifies Members About Business Associate Phishing Attack at Magellan NIA
HIPAA Journal reports: HIPAA Danville, PA-based Geisinger Health Plan has discovered the protected health information (PHI) of some of its members has been exposed as a result of a suspected phishing attack on one of its business associates, Magellan NIA. Magellan NIA provides radiology benefits management services to the health plan, which requires access to…
OCR Imposes a $2.15 Million Civil Money Penalty against Jackson Health System
Note: coverage of the breaches referenced below can be found on this stie by searching it for “Jackson Health System.” The following is a press release from the U.S. Department of Health Office for Civil RIghts: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has imposed a civil…
Phishing Incident at Kalispell Regional Healthcare May Have Affected 129,000 Patients
Myers Reece reports: Beginning today, Kalispell Regional Healthcare is mailing out letters to nearly 130,000 patients whose personal information may have been involved in a data breach over the summer. Patients’ personal information may have included their name, address, medical record number, date of birth, telephone number, email address, medical history and treatment information, date…
Everything’s broken, Monday edition (medical data leaks)
It seems that every week I hear from researchers who find patient data or medical data exposed. And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or hope…
Mishandling of Veterans’ Sensitive Personal Information on VA Shared Network Drives — Audit by Veterans Affairs OIG
VA OIG 19-06125-218 | October 17, 2019 From the Executive Summary: The OIG team found that veterans’ sensitive personal information was left unprotected on two shared network drives, where it was accessible to VSO officers who did not represent those veterans. Senior Office of Information and Technology (OIT) representatives told the team that other authenticated…