Brandon Harder provides this morning’s reminder of the insider threat: Without legal authority, a nurse who worked at Saskatoon’s Jim Pattison Children’s Hospital snooped on the private medical records of 314 patients, according to a recent report. The report, dated April 23 and signed by Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski, states that…
Category: Health Data
Acadian Ambulance Seeks Dismissal of Data Breach Lawsuit
Stephen Marcantel reports that Acadian Ambulance is seeking dismissal of a class-action lawsuit stemming from a ransomware attack in 2024 by Daixin Team. Acadian is claiming there is no proof that any patient has experienced any actual harm from the breach. The lawsuit, which was consolidated from 10 other class actions, claims that the July…
45 CHS hospitals were affected by the Oracle Health outage
This is reportedly all resolved by now, but on April 25, Becker’s Hospital Review reported that dozens of hospitals affiliated with Franklin, Tenn.-based Community Health Systems were experiencing IT outages after data storage linked to their Oracle Health EHRs was accidentally deleted: The hospitals have reverted to paper for patient records, with the issue expected…
Texas Health and Human Services Commission Notifies Additional Individuals Regarding Insider Wrongdoing Breach
There’s an update to an insider data breach previously announced in January 2025. Yesterday’s announcement brings the new total affected to almost 95,000 people. April 30, 2025. AUSTIN – The Texas Health and Human Services Commission is notifying an additional 33,529 recipients of agency services and other affected individuals that their protected health, personal identifying…
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Comprehensive Neurology, PC (Comprehensive), a small New York neurology practice, concerning a potential violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement resolves an OCR investigation of a ransomware…
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures
Gabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…