Justin Hendry reports: A security breach of a cloud-based client management system used by National Disability Insurance Scheme (NDIS) service providers has exposed a “large volume” of health and other sensitive data. CTARS, a Sydney-based software and analytics provider for the disability and care sectors, this week revealed an unauthorised third-party had gained access to…
Category: Health Data
Data breach class actions: Southern District of New York dismisses action against health care providers for lack of standing
James Bogan III of Kilpatrick Townsend & Stockton LLP writes: Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a non-exhaustive three-factor test for determining…
Ambulance billing service and two health systems report breaches involving protected health information
Comstar LLC Ambulance billing service Comstar LLC in Massachusetts is notifying an as-yet undisclosed number of people following a data security breach of their systems that was detected on March 26, 2022. It is not clear from their notice whether those being notified are all patients who used their service, or if there are also…
Ca: Data breach at Toronto health network possibly exposed patient information, OHIP numbers
CBC News reports: A Toronto health network says some of its servers containing a variety of personal patient details were recently breached. The Scarborough Health Network (SHN), which includes three hospitals and eight satellite sites, said in a statement Wednesday their IT department first noticed “unusual activity” on its servers Jan. 25. Its investigation with…
I.T. Specialist Charged in Cyber Intrusion of Suburban Chicago Health Care Company
CHICAGO — An information technology specialist has been indicted on a federal criminal charge for allegedly hacking into the server of a suburban Chicago health care company where he formerly worked as a contractor. AARON LOCKNER illegally accessed the server of the health care company, which operated a clinic in Oak Lawn, Ill., on April…
MO: Washington University School of Medicine notifying patients and research participants of data security incident
Washington University School of Medicine in St. Louis has reported yet another data security incident — what appears to be the fourth one in five years. Washington University School of Medicine is notifying an as-yet revealed number of patients and research participants whose personal and protected health information was in employee email accounts that were…