EVERSANA, a global commercial services provider to healthcare entities, has disclosed a data breach that occurred between between April 1 and July 3, 2019. The breach reportedly affected patient data stored in a legacy technology environment, which has since been updated. According to their notification, “Upon notification of unusual email activity, the firm immediately conducted…
Category: U.S.
Alert from OCR: Individual Posing as OCR Investigator
From OCR, this alert: It has come to OCR’s attention that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI). The individual identifies themselves on the telephone as an OCR investigator, but does not provide an OCR complaint transaction number or any other…
Marriott data breach exposes personal data of 5.2 million guests
Keumars Afifi-Sabet reports: Marriott has informed 5.2 million guests that their personal details were inappropriately accessed in a possible data breach. Contacts details, loyalty account information, company, gender, birthday, partnerships and affiliations and room preferences were among guests’ details accessed between mid-January and February 2020. Read more on ITPro.
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
Cynthia J. Larose and Natalie Prescott of Mintz discuss a lawsuit previously noted on this site: Fuentes v. Sunshine Behavioral Health Group, LLC. The lawsuit followed a data leak of PHI due to a misconfiguration of a database. The leak was first reported by DataBreaches.net who had alerted the entity to their leak. I’m going…
Medical and military contractor Kimchuk hit by data-stealing DoppelPayme ransomware
Zack Whittaker reports: Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware, TechCrunch has learned. The Danbury, Conn.-based manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security clearance. Read more on TechCrunch.
American HomePatient Data Breach Class Action Settlement
Top Class Actions reports: American HomePatient has agreed to pay $1 million to resolve claims that they failed to protect patient data in a burglary incident. The settlement benefits current or former patients and customers of American HomePatient Inc. and Lincare Holdings Inc. whose personal identifying information was stored on the unencrypted hard drives stolen…