Marney Carmichael reports on an incident in Ontario, Canada: Halton region says a privacy breach at Allendale Long-Term Care Home in Milton exposed personal electronic health records from 2005 to this summer. A cybersecurity incident in June of this year involving third-party software led to unauthorized access of residents’ personal data, including names, health details…
Category: Health Data
Douglas County Health & Human Services notifies patients that former employee accessed their records inappropriately
Alex Evans reports: Unauthorized access of HIPAA-protected information by county employee, largely flies under the radar. Six-months after the Douglas County Department of Health and Human Services determined an employee had accessed protected personal and health information without authorization, a notice appeared on the county’s website. That notice can be found here. Fox21 reports some…
Ascension cyberattack exposed personal data of 5.6 million people
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…
CA: Ontario Provincial Police charge three former hospital employees PHIPA violations of patient privacy breaches
Toula Mazloum reports: Three former hospital employees have been charged following investigations into unrelated alleged breach of patient privacy incidents that took place over the course of last year in different parts of the province, according to the Ontario Provincial Police (OPP). The investigations started after police received three complaints in western, eastern and northern…
ConnectOnCall breach exposes health data of over 910,000 patients
Sergiu Gatlan reports: Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023. ConnectOnCall is a telehealth platform and after-hours on-call answering service with automated patient call tracking for healthcare providers. “On…
Nebraska AG becomes first state to sue Change Healthcare over massive data breach
Aaron Sanderford reports: Nebraska on Monday became the first state to sue Tennessee-based Change Healthcare over the company’s massive data breach that cost at least 575,000 Nebraskans their personal information and medical records. … The breach was blamed on a low-level employee who had his or her login credentials hacked. Nebraska Attorney General Mike Hilgers…