Samantha Liss reports: SSM Health has notified 836 patients that their personal information may have been compromised after a medical device was stolen from DePaul Hospital. The device looks like a laptop and that’s likely why it was stolen — not because it contained patient information, SSM Health, owner of DePaul Hospital in Bridgeton, said…
Category: Health Data
Where is the future of HIPAA enforcement headed?
Ira Parghi of Ropes & Gray writes: Since January 2016, the OCR has entered into resolution agreements with, and imposed Corrective Action Plans (CAPs) on, providers and others in at least 12 matters involving the Security Rule. It has also imposed a Civil Monetary Penalty on one entity. Most of these cases involve stolen, unencrypted…
How ECMC got hacked by cyber extortionists
Henry L. Davis provides some greater depth to the coverage of the ransomware attack on Erie County Medical Center: It was 2 a.m. Palm Sunday. Computer screens across Erie County Medical Center flashed white with bright red words: “What happened to your files?” The ransom demands began with hot pink text. “Step1: You must send us…
“We’re not responsible:” TheDarkOverlord denies hacking Disney’s new Pirates movie
Since June of 2016, when they somewhat burst on the scene, there has been a lot written about the hacker/collective known as TheDarkOverlord (TDO). A lot of it appears to be just plain inaccurate, but in some cases, the inaccurate reporting can be traced back to misleading communications or tweets by TDO. As a recent example of miscommunication creating an inaccurate…
“Shoot the messenger:” NYC hospital and vendor threaten DataBreaches.net for reporting on their security failure
Vendor’s mistake potentially exposed “millions” of Bronx-Lebanon Hospital patients’ information; Hospital and vendor try to claim that iHealth Solutions was “hacked” by security researchers who uncovered the security problem; Hospital and vendor issue series of demands, threaten DataBreaches.net for reporting on incident; On May 3, Kromtech Security’s research team, conducting routine research, found that confidential and sensitive patient…
Coney Island Hospital notifies patients of….. what?
Crain’s reports: A volunteer at NYC Health + Hospitals/Coney Island gained unauthorized access to the protected health information of nearly 3,500 patients, the hospital told the U.S. Department of Health and Human Services last week. The volunteer in Coney Island’s phlebotomy department entered patient names in a logbook, cleaned up data storage areas and transported…