Although some members of the public may not realize it, not all U.S. medical practices or practitioners are covered by HIPAA. But for entities that are regulated by HIPAA, HIPAA has some requirements for notifying patients about reportable breaches. The first thing to understand is that for regulated entities, a breach is considered “discovered” on…
Category: Health Data
FMS: YAP Health Services disrupted by ransomware attack
The state of Yap is one of the four states that make up the Federated States of Micronesia, along with the states of Pohnpei, Chuuk and Kosrae. Yap is the Western-most island in the FSM, located about midway between Guam and Palau. From the YAP Health Services Facebook Page on March 12: Cyberattack Disrupts Yap…
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack
Marty Stempniak reports: An East Coast imaging group remains closed more than one month after a cyberattack, according to reports from local media. Pinehurst Radiology Associates recently gave notice of the incident, launching an investigation amid suspicious activity on its network. Located in the Sandhills of North Carolina’s Moore County, the practice hired legal counsel…
Computers containing thousands of patients’ records stolen from Belfast hospital
Deborah McAleese reports: Twenty-eight computers containing the records of thousands of patients have been stolen from a Belfast Hospital, UTV can reveal. The computers were being used to train staff on the new encompass system, a digital healthcare record that is being rolled out across all health trusts. Belfast Health Trust said the missing appliances…
Center for Digestive Health notifies patients of April 2024 cyberattack
In May, 2024, the threat actors known as BianLian added the Center for Digestive Health in Florida to their dark web leak site. In June, they leaked what they claimed was 2.2 TB of files that they described as: A physical and medical history examination. Accounting, budget, financial data. Contract data and NDA’s. Accidents. Files…
Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida
Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida. According to their submission to the Maine Attorney General’s Office and their notification letter to those affected, the Kansas-based group of independent physicians detected the attack on January 7, 2025. Investigation revealed that it had occurred on December 15, 2024. The day…