Alamance Skin Center recently reported a HIPAA breach to HHS as being a “Loss” incident with data in EMR. But previous media coverage provided an even more dire understanding of the incident. On November 4, Triad Business Journal reported that the medical practice, part of Cone Health, had been the victim of a ransomware attack. The…
Category: Health Data
Commentary: ‘You may be hacked’ and other things doctors should tell you
Maximilian Kiener is Research Fellow in Philosophy at the University of Oxford. And while I have been blogging about the need to promptly disclose to patients when patient data has been acquired or dumped by threat actors, Kiener has been writing about the need for doctors to expand our concept of what constitutes the kind…
Correction and Update: Mount Locker team denies responsibility for Sonoma Valley Hospital attack
On November 9, DataBreaches.net published “Without Undue Delay” which catalogued health sector ransomware attacks where attackers had dumped patient data as part of an attempt to pressure their victims into paying ransom. That report was a companion to a post arguing that patients need to be notified sooner of ransomware dumps than HIPAA’s 60-day window…
Delaware Division of Public Health Announces Data Breach Incident Involving COVID-19 Results
DOVER (Nov. 15, 2020) – The Delaware Division of Public Health (DPH) is announcing today that it is mailing letters to individuals who were impacted by a recent data breach incident and is providing information to the public regarding the incident. On September 16, 2020, the Department of Health and Social Services (DHSS) discovered that…
400 patient records lost after cabinet at Hong Kong’s Queen Mary Hospital mistakenly removed by contractor
Zoe Low reports: A filing cabinet containing more than 400 patient records was suspected to have been mistakenly disposed of by a contractor at Hong Kong’s Queen Mary Hospital last Friday. The locked four-drawer steel cabinet was used to store the service records of 442 elderly patients who had received “integrated care and discharge support”…
COVID-19 Data-Sharing App Leaked Healthcare Worker Info
Elizabeth Montalbano reports: A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web and Android apps allowed for unauthorized users to access private data about…