Scott Ikeda reports: While it is far from uncommon for an organization to announce that it has been hit by a ransomware attack, two in one week is an unusual event. Brazil’s Health Ministry is looking at extended downtime for the system that processes Covid-19 vaccination data as it attempts to recover from this exact…
Category: Health Data
The Medical Review Institute of America notifies patients of ransomware incident (updated)
The Medical Review Institute of America (“MRIoA”) collects protected health information (PHI) as part of providing clinical peer review for covered entities that request it (if the patient consents to provide info for the review). MRIoA was hit with ransomware in November. And although they do not directly state that they paid ransom, it sounds…
If Your Disclosure of a Data Breach Was “Late,” You May Have to Litigate
Jean E. Tomasco of Robinson & Cole writes about a breach involving an accounting firm that is a business associate to a number of covered entities. This month, the firm, Bansley & Kierner, issued a notice and started notifying individuals and HHS. But the time frame for discovery and notification has resulted in a potential…
N.J. volunteer EMS agency says patient data was breached
Leila Merrill reports: A volunteer EMS agency in New Jersey says in a news release that patient data in New Jersey was breached, and it has requested formal hearings in the state Senate and Assembly Health Committees. The Lincoln Park First Aid Squad, also known as Lincoln Park EMS, announced that it and other squads that are…
WV: Monongalia Health System notifies patients and employees of data breach
Some reportable HIPAA breaches occur in the context of bad actors trying to re-route wire payments. Monongalia Health System in West Virginia seems to have suffered that type of breach. The incident impacted the email system of Monongalia Health System and its affiliated hospitals, Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company….
HSE given stolen data, including medical records, taken by criminals during cyber attack in May
Eilish O’Regan reports: The HSE has been given stolen data, including medical records, obtained by criminals during the May cyber attack, it emerged today. The material was given to the HSE by the Garda National Cyber Crime Bureau who received it from the Department of Justice in the United States under a Mutual Legal Assistance…