Amy Clancy has an update on a University of Washington Medicine breach that was disclosed in February 2019. The breach was a human error incident that resulted in more than 970,000 patients having their information exposed online for several weeks. Clancy reports that the breach has now led to a class-action lawsuit that could eventually…
Category: Breach Incidents
Thinking about cybersecurity is great, but are you prepared for your building burning down?
Let’s not forget the physical threats to protected health information. This news report about a fire in Hillsdale, New York destroying the Hillsdale Healthcare medical practice should give you pause. Is this scenario anywhere in your risk assessment? Heather Bellow reports on the damage to a strip mall from the fire, but I’m going to…
Protenus releases its analysis of 2019 health data breaches
Protenus’s 2020 BreachBarometer is now available for free downloading. From their highlights: Our analysis is based on 572 health data breaches reported to the U.S. Department of Health and Human Services (HHS), the media, or some other source during 2019 (Figure 1). As in years past, we do not have numbers for every incident in…
Wise Health updates its breach notification of last summer
In July 2019, this site noted that Wise Health in Texas had notified HHS about a HIPAA breach impacting 35,899 patients. The report concerned a phishing incident in March, 2019 that was discovered in April, 2019. Last week, Wise Health issued another press release, reproduced below. At first blush, it might sound like a new…
NC: Wake County learns that 1,900 employees affected by breach at former benefits administrator
Posted to Wake County’s website yesterday (h/t, WDTV/Yahoo) Wake County’s former flexible benefit spending accounts administrator, Interactive Medical Systems, recently reported that it experienced a data security breach that disclosed the personal information of nearly 1,900 Wake County Government employees to an unauthorized third party. “We sincerely regret any inconvenience or concern that this matter…
Potential class action lawsuits filed against two more ransomware victims
On Thursday, I reported on a potential class action lawsuit that had been filed against two hospitals in Puerto Rico that suffered a ransomware attack. As I noted in my post, none of the named plaintiffs claimed that they had suffered any concrete injury or harm other than the cost and time involved in monitoring…