Good Shepherd Centres in Canada recently disclosed a breach involving protected health information that occurred on September, 27, 2020. On June 29, Good Shepherd posted a statement that explains that it had been the victim of an attempt to shut down its systems, but that the attacker(s) “quickly facilitated restoration after realizing that Good Shepherd…
Category: Health Data
Belden issues substitute notice for November, 2020 breach
In November, 2020, networking equipment vendor Belden revealed that they had been the victim of a cyberattack. DataBreaches.net noted it at the time, but did not realize any protected health information was involved until April, 2021, when Belden notified HHS that protected health information they maintained as part of their health plan had been potentially…
Norwegian DPA: Oslo University Hospital ordered to amend agreements
The Norwegian Data Protection Authority’s inspection of Oslo University Hospital (OUH) reveals that the hospital cannot document satisfactory control of patient data when the hospital needs laboratory services from other countries. The Data Protection Authority understands that it is important to be able to use laboratories in other countries when the hospital or other Norwegian laboratories do…
Oops: Hundreds of One Medical patients’ emails exposed
Elise Reuter reports on what, indeed, was a big OOPS! An errant email sent to hundreds of One Medical patients exposed their email addresses. Several One Medical patients took to Twitter on Wednesday night sharing screenshots of the same email that was addressed to more than 900 people. It’s possible that the email was sent in batches…
Mayo Clinic faces lawsuits over nude patient image snooping
Kristen Leigh Painter reports an update to a previously reported insider-wrongdoing breach: Mayo Clinic is facing three lawsuits from patients who say a former surgery resident, Ahmad Alsughayer, viewed hundreds of their nude photographs in electronic medical records despite having no professional reason to go into their files. Alsughayer, who is 28 and has a…
IA: Peoples Community Health Clinic notifying patients after discovering compromise of employee email account
Peoples Community Health Clinic in Iowa has been notifying some patients as a result of an employee’s email account being compromised. As explained in their press release*, on March 22, 2021, PCHC became aware of suspicious activity related to an employee’s email account. An investigation revealed that between March 18, 2021 and March 22, 2021,…