Despite employers’ best efforts, some employees will just continue to try to snoop in patient files. This time, a covered entity discovered the wrongdoing via their own internal monitoring. Phoenixville Hospital, operated by Tower Health, reports that a recent review detected that an employee had accessed a patient’s electronic medical records (EMR) without any apparent…
Category: Health Data
A community health provider in Vermont and an addiction rehab organization in Pennsylvania fall prey to BlackByte
Two medical entities appear to have recently fallen prey to attacks using BlackByte’s ransomware, and both entities have now had some of their data leaked on BlackByte’s dedicated leak site. Lamoille Health Partners Lamoille Health Partners in Vermont serves the Lamoille County community’s healthcare needs. As such, they provide a range of comprehensive services that…
More details emerge on Professional Finance Company ransomware incident, but questions remain
A ransomware attack on Professional Finance Company (PFC) has some of us who track breaches in the healthcare sector wondering how large this breach will be. The last time we saw a big breach involving a collection agency was in 2019. The American Medical Collection Agency filed for bankruptcy pretty quickly and the total number…
North Korea is targeting hospitals with ransomware, U.S. agencies warn
Kevin Collier reports: The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities. The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear weapons…
VCU Health identifies and addresses a 16-year privacy breach
Soap operas are almost always long-running. Privacy breaches should not be, and 16 years is a very long time for a problem to go undetected. But it appears that’s what happened to the Virginia Commonwealth University Health System (“VCU Health”). Last month, VCU Health disclosed that they had recently learned that beginning as early as…
WI: Southwest Health Center notifies individuals whose protected health information was accessed
Southwest Health Center in Platteville, Wisconsin is a non-profit community health provider. Yesterday they issued a notice about a data security incident they first discovered on January 11 that reportedly impacted certain systems. An investigation determined that an unauthorized party accessed or acquired the personal and protected health information of some current and former employees,…