On January 22, Robert Smith, DMD, PC in Tennessee reported a breach to HHS. The report indicated that 1,500 patients were impacted by a hacking/IT incident involving their network. A Google search indicated that the practice was likely to be “Smith Dental” in Tennessee. But I could find no press release or statement on their…
Category: Breach Incidents
RBS releases its year-end roundup and breach analysis
There’s nothing like some dramatic numbers to get attention to data breaches. Risk Based Security, Inc. has released their 2017 statistics, and yes, some of the numbers are dramatic. Here are just two snippets from their blog post about the report: There were 5,207 breaches recorded last year, surpassing 2015’s previous high mark by nearly…
Hack The Box discloses email gaffe
Nowadays, you are more likely to first learn of breaches on Twitter than from the entity’s site or email, as this thread today from Hack The Box demonstrates: Dear users – we apologise unreservedly for the recent disclosure of email addresses. A statement will follow shortly regarding the cause, impact, and preventative measures that we’ll…
Fresenius Medical Care North America settles HHS OCR complaint for $3.5m plus corrective action plan
Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA…
MO: Licensed Professional Counselor Pleads Guilty to $175,000 Medicaid Fraud Scheme
A DOJ press release, but unfortunately, it doesn’t reveal for whom the defendant was working when she misused patient information. Was she self-employed or an employee of another entity? Jefferson City, Mo. – Missouri Attorney General Josh Hawley announced that Corrine A. Dale, of St. Louis, entered an open plea in St. Louis County Circuit Court…
San Diego County Office of Education notifies component school districts of breach of employee retirement contribution data
The San Diego County Office of Education recently notified component districts that some employee retirement contribution data had been incorrectly shared with districts. From their notification: What Happened? On December 5, 2017, a San Diego County Office of Education (“SDCOE”) employee inadvertently sent an employee retirement contribution spreadsheet, containing employee name, Social Security number, and funding…