Mason Doktor reports that Jones Eye Clinic and CJ Elmwood Partners, L.P., an affiliated surgery center, experienced a ransomware attack on the evening of August 22. The attack affected 40,000 patients seen between Jan. 1, 2003 and Aug. 23. The providers were able to restore from backup and did not pay any ransom. Their full notice…
Category: Health Data
Byram Healthcare notifies patients about rogue insider incident
Byram Healthcare is a firm that provides disposable medical supplies. They were acquired in 2017 by Owens & Minor. On October 22, Byram sent notification letters to patients whose data may have been stolen and/or misused by a former employee. Byram learned of the former employee’s wrongdoing when they were contacted by law enforcement. In…
Follow-up: Mecklenburg Co. not fined for releasing personal information of health department patients
WSOC-TV reports: The United States Department of Health and Human Services Office of Civil Rights did not fine Mecklenburg County for inadvertently providing Channel 9 with the personal medical information of thousands of health department patients in 2017. Records show Mecklenburg County self-reported the potential HIPAA violation on May 4, 2017. In March 2017, in…
Boots cover up breach of confidentiality; over 400 lost ‘prescriptions’ from its Chaddesden store
Russell Pollard reports: Around 400 people who picked up their prescribed medication from the Boots store on St Mark’s Road in Chaddesden, in early September, should be concerned, and should be asking some serious questions of Boots. The original versions of their ‘prescriptions’ were lost from the store – the whereabouts of their personal data…
Children’s Hospital of Philadelphia Provides Notice of Two Email Incidents
A press release issued October 23. It does not indicate the number of patients affected by each of the two incidents or how the attacker(s) gained access to employee email accounts. Children’s Hospital of Philadelphia (CHOP) is providing to the parents or guardians of some of its current and former patients notice of two recent…
National Ambulatory Hernia Institute notifies almost 16,000 patients of Gamma ransomware attack
On October 5, HHS received a HIPAA breach notification from the National Ambulatory Hernia Institute in California. According to the notification, the incident affected 15,974 patients. A notice prominently displayed on NAHI’s site explains that there was a ransomware incident on September 13. URGENT NOTICE – DATA BREACH SUSPECTED URGENT NOTICE: Our office has experienced a…