August 22, Boston — Massachusetts General Hospital (“MGH”) is notifying approximately 9,900 individuals of a privacy incident involving MGH’s Department of Neurology in connection with some of its research programs. On June 24, 2019, MGH learned that an unauthorized third party had access to databases related to two computer applications used by researchers in the…
Category: Health Data
Hospital Not Liable for Facebook Post of Patient Medical Records
Mary Anne Pazanowski reports that once again, a court has ruled that an employer is not liable for what an employee does if they the employee was not acting within the scope of their employment duties: An Indiana hospital isn’t liable for an employee’s unauthorized actions that allegedly led to the posting of a patient’s…
Sonoma Valley Hospital Website, Email Addresses Hijacked
Jessica Davis reports on a potentially very serious cyberattack that is not the type of thing you’ll usually read on this site: Sonoma Valley Hospital was forced to give up its coveted three-letter domain name in early August after hackers hijacked its website, according to local news outlet Sonoma Index-Tribune. The website had been registered…
Feds: PainMD’s abandoned medical records at risk of being burned, shredded
Brett Kelman reports: Federal and state prosecutors have asked a judge to halt the destruction of thousands of medical records abandoned by PainMD, a Nashville-area pain clinic company that shut down earlier this year in the midst of a fraud investigation. The medical records, which could be evidence against PainMD or important to former patients, are currently stuck…
Are thedarkoverlord’s victims entitled to damages from Athens Orthopedic Clinic? Georgia Supreme Court to rule.
Bill Rankin reports: In the spring of 2016, a cyber thief calling himself the “Dark Overlord” hacked into the databases of a Clarke County medical clinic and emerged with the personal information of an estimated 200,000 patients. The Athens Orthopedic Clinic refused to pay the hacker’s ransom and advised current and former patients to set…
Hospice of San Joaquin discloses ransomware attack
The Hospice of San Joaquin recently notified the California Attorney General’s Office that it had suffered a ransomware attack on July 2. The notification, signed by Rebecca Burnett, their CEO, states that: The data accessed may have included personal information such as full name, patient ID number, diagnoses, home address and other sensitive information. Though…