Theresa Defino reports: Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and business associates (BAs). And, if Congress agrees, its impact would expand significantly in the coming months. As part of its…
Category: Health Data
Sheffield nurse Paul Grayson sentenced to 12 years for covert filming of hospital patients and staff
A nurse who “grotesquely breached” his position of trust when he covertly made indecent videos of staff and patients at a hospital in Sheffield has been jailed. Some of Paul Grayson’s victims were unconscious and recovery after surgery when he filmed up their gowns at the Royal Hallamshire Hospital. He also installed cameras in the hospital toilets…
Omnicell reveals ransomware incident in SEC filing
From their May 9 10-Q filing: Our IT systems and third-party cloud services are potentially vulnerable to cyber-attacks, including ransomware, or other data security incidents, by employees or others, which may expose sensitive data to unauthorized persons. On May 4, 2022, we determined that certain of our information technology systems were affected by ransomware impacting…
Sunday notes: Welldyne, North Alabama Bone & Joint Clinic disclose breaches affecting patient data
A Sunday two-fer on health data breaches: WellDyneRx, LLC (“WellDyne”) issued a press release on May 6 concerning an incident they first detected on December 2. The Florida-headquartered pharmacy benefits service provider’s investigation discovered that there was unauthorized access to an email account between October 30, 2021, and November 11, 2021. “Although there is no…
Update: U.S. v. Robert Purbeck aka “Lifelock”
Long-time readers may recall that in 2017 and 2018, DataBreaches.net reported on hacks of two medical practices by someone calling himself “Lifelock.” DataBreaches’ past reporting on him can be found in this July, 2017 post (see comments under the post), in two 2018 posts, and then a post in response to a press release from…
Breast Cancer Support Organization Leaks Data Despite Multiple Notifications?
Update: After posting this, tweeting this story, and getting retweets on it, it appears that as of late yesterday, the bucket was finally secured. Thanks to SafeyDetectives who kept re-checking the bucket and to everyone who tried to call attention to this to get the data locked down. DataBreaches did not get any acknowledgement or…