Today, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations and one matter before an Administration Law Judge related to compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Two of these cases are part of OCR’s HIPAA Right of Access…
Category: Health Data
Oklahoma City Indian Clinic impacted by Suncrypt’s ransomware attack
The Oklahoma City Indian Clinic (OKCIC) serves 20,000 patients from more than 200 different Native American tribes. A note on their website and their Twitter account currently apologizes that due to technological issues, the pharmacy automatic refill line and mail order services will be down for an indeterminate amount of time. The home page of…
IL: Blessing details defenses amid increasing health system cyber-attacks
Ryan Hill reports: Hospitals and health systems are finding themselves in the crosshairs of cybercriminals more frequently. According to third party cybersecurity company Black Kite’s 2021 Third Party Breach report, attacks on healthcare companies accounted for nearly a third of attacks in 2021. Blessing Health information security chief Todd Haverstock said he has seen the number…
Weekend update: Christie Clinic, CSI Laboratories report breaches
Christie Business Holdings Company, P.C. (“Christie Clinic”) in Illinois Christie Business Holdings Company, P.C. (“Christie Clinic”) in Illinois issued a breach notice that is also prominently posted on their website. According to their notice, an unauthorized actor gained access to their system between July 14, 2021 and August 19, 2021. The unauthorized actor did not…
BCBS of Kansas subcontractor offers free protection to members put at risk by data breach
Sarah Motter reports: A data breach at a Blue Cross Blue Shield subcontractor has left about 2,800 members at risk, however, the company has taken steps to ensure their information stays secure. Blue Cross and Blue Shield of Kansas says on Thursday, March 24, it was recently notified of a data breach that happened several months…
TX: Val Verde Regional Medical Center patient data dumped by LockBit
Val Verde Regional Medical Center (VVRMC) appears to have been the victim of a ransomware attack involving LockBit. According to LockBit, Val Verde Memorial Hospital was compromised and 96,000 patient records were exfiltrated. The listing was added to the leak site on March 16, with LockBit noting that the patient records had the following table…