Matt Fisher writes: Healthcare organizations are learning tough lessons that actions of employees can come back with serious consequences to the organization. When it comes to maintaining the privacy and security of patient data, no action comes without a consequence. While some actions are completely uncontrollable, that does not necessarily mean that liability cannot potentially…
Category: Health Data
Altus Baytown Hospital system hit by Dharma ransomware
On November 2, Altus Baytown Hospital System posted this notice of breach: We are posting this statement on our website as a precautionary measure and as part of our commitment to patient privacy. Altus Baytown Hospital and its affiliates and related entities (collectively, “ABH”) take our patients’ privacy seriously, and it is important to…
Inova Health notifies patients after law enforcement alerts them to breach that began in 2016 [UPDATED]
Inova Health has been notifying patients of a breach that law enforcement first alerted them to on September 5. According to a notice on the Northern Virginia – Washington, D.C. – metro area health system’s site: On September 5, 2018, we were advised by law enforcement that some of our patient records may have been…
Bankers Life notified more than 566,000 after hack of employees’ email resulted in breach of PHI
The following is a Bankers Life announcement of a security incident that appears on HHS’s public breach tool under the name “CNO Financial Group, Inc.” According to the report to HHS, the breach affected 566,217 members protected health information. On October 25, Bankers Life1 notified certain customers about a data security issue. We take the…
Protenus releases its Q3 report on breaches involving health data
Protenus has released its Q3 report on breaches involving health data. As explained in their methodology, since its inception in 2016, Protenus reports have not confined themselves to just using data from HHS’s public breach tool (“The Wall of Shame”). Instead, the Protenus reports, using data compiled by DataBreaches.net, include data from incidents also involving…
NJ Settles Charges Against Business Associate Responsible for Virtua Medical Patient Data Breach: Vendor Owner Pays $200,000 and is Barred From Owning or Managing Any Business in NJ Again
One question that occasionally pops up is how often businesses go out of business after or due to a data breach. My answer to that is “not often,” but we do it occasionally. In some cases, the breach may just have been a final straw for an already shaky business. Yesterday, during a webinar with…