Kiss that 60-days to notify patients HIPAA bit goodbye if you’re doing business in Colorado. Julie A. Sullivan and Loreli Wright of Greenberg Traurig, LLP write: Passed during the 2018 state legislative session, House Bill 18-1128 went into effect on Sept. 1, changing Colorado’s law on the protection of personally identifying information and the procedure businesses must…
Category: Health Data
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after phishing attack
Another day, another successful phishing attack in the healthcare sector. From the web site of Georgia Spine and Orthopaedics of Atlanta: Georgia Spine and Orthopaedics of Atlanta (“GSO”) was a recent victim of an email “phishing” scam that resulted in unauthorized access to an employee’s email account. “Phishing” involves scammers sending emails that look legitimate,…
NC: Wilmington city employees’ health insurance info exposed by email error by BCBS NC
Emily Featherston reports: Email is no stranger to being linked to cases of identity theft and data breaches. Most of the time, the thief sends a phishing message that coaxes information out of the victim or brings along viruses or malware. However, a single email led to the improper release of the information of 158…
About 2.65M patients at Charlotte’s Atrium Health hit with third-party data breach
Caroline Hudson reports: About 2.65 million patients of Charlotte-based Atrium Health were recently hit with a data breach in which unauthorized parties gained access to their information. Hackers attempted to lift patient information over a weeklong period from Sept. 22-29. The data was stored in a third-party system provided by AccuDoc Solutions Inc., which provides…
Private data of users of PratenOnline.nl stolen and held for ransom?
Damn. This is a breach involving highly sensitive data. I am publishing a Google translation of a report that appeared on Security.nl. If you can read Dutch, please go read the original report. I hope that Security.nl understands that I am using their content because this breach is so serious and I want my readers to…
Mercy Medical Center – North Iowa notifies 1,900 patients after insider wrong-doing discovered
Ashley Stewart reports: Mercy Medical Center–North Iowa has notified about 1,900 individuals of a potential data breach involving their health records and personal information. In notification letters mailed to affected individuals and their families Nov. 26, patients were told their protected health information may have been “inappropriately accessed by an employee between July 2017 and…