The other day, I wondered aloud whether there was anything the American Medical Collection Agency (Retrieval Masters) could have done after they were hacked to keep their big clients like Quest Diagnostics and LabCorp. An interesting report by Marianne Kolbasuk McGee on BankInfoSecurity suggests that there might have been. McGee reports that newly submitted court…
Category: Health Data
OH: Edgepark Medical Supplies notifying 6,572 patients after a “password spray attack”
It appears that RGH Enterprises, Inc., d/b/a Edgepark Medical Supplies, has had another HIPAA breach. The first time they came to this site’s attention was in January, 2014, when they disclosed a 2013 malware incident that had gone undetected for nine months and potentially impacted 4,230 patients. Then in January, 2018, they notified HHS and…
Wise Health notifies almost 36,000 after phishing attack compromised employees’ email accounts
Last week, I read a breach notification from Wise Health in Texas, and I duly noted it in my monthly worksheet. Not all incidents logged in my worksheet get reported on the blog, but I do include them in my monthly statistical analyses. Today, however, I see that Wise Health reported the incident to HHS…
PA: Software firm, health care provider accuse each other of theft
Nicholas Malfitano reports on a lawsuit in which a healthcare provider, Post Acute Medical, LLC (PAM), accuses the former owner and operator of its computerized records database, Christopher LeBlanc and Meridian Hospital Systems Corporation of Dallas, Texas, of illegally retaining its confidential patient data. The suit was filed in federal court for the Middle District…
University of Alabama warns of computer breach at Brewer-Porch center
Tuscaloosa News reports: The University of Alabama says a 2009 computer security incident involving a server for Brewer-Porch Children’s Center may have exposed some personal information for about 1,400 former clients, employees and medical providers. In June, staff preparing an old server for disposal discovered unauthorized login activity between Oct. 24, 2009, and Dec. 9,…
HIPAA nightmare: An IT vendor’s error left more than 300,000 files with protected health information exposed
Medico, Inc.’s IT vendor’s error left at least two Amazon buckets unsecured More than 300,000 files contained protected health information related to patient billing, complete with insurance information and treatment codes Leaks were independently discovered by at least three researchers using different search methods It’s been a rough few months in terms of business associates…