The Norwegian Data Protection Authority’s inspection of Oslo University Hospital (OUH) reveals that the hospital cannot document satisfactory control of patient data when the hospital needs laboratory services from other countries. The Data Protection Authority understands that it is important to be able to use laboratories in other countries when the hospital or other Norwegian laboratories do…
Category: Health Data
Oops: Hundreds of One Medical patients’ emails exposed
Elise Reuter reports on what, indeed, was a big OOPS! An errant email sent to hundreds of One Medical patients exposed their email addresses. Several One Medical patients took to Twitter on Wednesday night sharing screenshots of the same email that was addressed to more than 900 people. It’s possible that the email was sent in batches…
Mayo Clinic faces lawsuits over nude patient image snooping
Kristen Leigh Painter reports an update to a previously reported insider-wrongdoing breach: Mayo Clinic is facing three lawsuits from patients who say a former surgery resident, Ahmad Alsughayer, viewed hundreds of their nude photographs in electronic medical records despite having no professional reason to go into their files. Alsughayer, who is 28 and has a…
IA: Peoples Community Health Clinic notifying patients after discovering compromise of employee email account
Peoples Community Health Clinic in Iowa has been notifying some patients as a result of an employee’s email account being compromised. As explained in their press release*, on March 22, 2021, PCHC became aware of suspicious activity related to an employee’s email account. An investigation revealed that between March 18, 2021 and March 22, 2021,…
Bucks County behavioral health and substance abuse nonprofit struck in cyberattack, urges clients to check their information
Anthony Salamone reports: The records of an unspecified number of clients of an Upper Bucks County behavioral-health and substance abuse nonprofit, which serves the Lehigh Valley, might have been stolen as part of a ransomware attack on the agency earlier this year. Penn Foundation in West Rockhill Township said it informed clients Tuesday of the…
University Medical Center of Southern Nevada attacked by REvil threat actors
See update at bottom of this post for statement from UMCSN. They do confirm that there was a breach. The University Medical Center of Southern Nevada, who proudly proclaims itself the official healthcare provider for the Vegas Golden Knights, has allegedly been the victim of a cyberattack by REvil (Sodinokibi) threat actors. The well-known ransomware…