Paso Robles Daily News reports: –The California Department of State Hospitals (DSH) today announced that a DSH employee with access to Atascadero State Hospital data servers as part of their information technology (IT) job duties improperly accessed approximately 1,415 patient and former patient, and 617 employee names, COVID-19 test results, and health information necessary for tracking COVID-19. The breach…
Category: Breach Incidents
21 months after a ransomware attack, a business associate breach first shows up on HHS’s breach tool. Here’s why.
HIPAA Journal reports on an incident that is illustrative of the challenges entities may face in the wake of a ransomware attack — determining whether a breach is a reportable incident or not. It also illustrates what may happen if an entity decides something is not a reportable breach but further investigation by the U.S….
AR: Total Life Healthcare data breached in ‘ransomware attack’
Region 8 reports: Participants’ data of St. Bernards Total Life Healthcare, Inc. was breached by a ransomware attack, according to a media release from HIPAA Privacy Officer Daya S. Shipman. PeakTPA, a healthcare management services provider, notified TLH on Jan. 23 of a breach on or about December 28, 2020. Read more on KAIT8. PeakTPA…
Former Roswell Park nurse pleads guilty to tampering with a consumer product
Articles on breaches involving protected health information (PHI) often raise the specter of what could happen if a patient’s records were misused and the patient’s healthcare suffered as a result. Here’s a case where it reportedly happened. This case also raises some questions about access controls and the value of audits and follow-up on audits….
A bug in a popular iPhone app exposed thousands of call recordings
Zack Whittaker reports: A security vulnerability in a popular iPhone call recording app exposed thousands of users’ recorded conversations. The flaw was discovered by Anand Prakash, a security researcher and founder of PingSafe AI, who found that the aptly named Call Recorder app allowed anyone to access the call recordings from other users — by knowing their…
PEI-Genesis, Inc. Provides Notice of Data Privacy Event
PHILADELPHIA, March 8, 2021 /PRNewswire/ — PEI-Genesis, Inc. (“PEI-Genesis”) recently announced an event that may have impacted the privacy of personal information relating to certain individuals and businesses. While PEI-Genesis is unaware of any attempted or actual misuse of personal information in relation to the event, PEI-Genesis provided potentially affected individuals with notice, information about the event and…