There is an enforcement update to an incident noted on this site in 2018. The incident that involved New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) was summarized by HHS in their resolution agreement and corrective action plan for this case: On May 11, 2021, NEDLC filed a breach notification report…
Category: Health Data
Transparency #FAIL: Why won’t Anthem/Elevance Health answer a simple question about breaches?
A DataBreaches opinion piece. You might think a giant insurer like Anthem, which has experienced at least several breaches over the years — including one of the most significant breaches ever — would understand the importance of transparency by now. Apparently not. On May 24, Anthem (now known as Elevance Health) posted a notice on…
MD: Onyx Technology alerts clients and patients of ransomware incident
On August 12, Onyx Technology of Maryland began notifying regulators and others about a ransomware attack they experienced. According to their notification to the Montana Attorney General’s Office on behalf of Independent Care Health Plan (iCare), they discovered the attack on June 28. Their investigation subsequently found that “a server may have been removed or…
California Department of Corrections and Rehabilitation notifies staff, visitors, and incarcerated individuals of breach
The California Department of Corrections and Rehabilitation (CDCR) issued a breach notification this week. Because the notification mentions COVID-19 testing, at first, DataBreaches thought it was the incident CDCR had disclosed last month, but no, it turns out that that was a different incident. The newly revealed breach affects staff, visitors, and others tested for…
Essonne: a hospital center targeted by a cyberattack, its services severely disrupted
The following is a machine translation: The South Francilien Hospital Center (CHSF) in Corbeil-Essonnes is the victim of a computer attack which began in the night from Saturday to Sunday around 1 a.m., seriously disrupting its activity, according to a press release from the establishment. Some patients are notably redirected to public hospitals in Île-de-France….
How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…