Bisi Onile-Ere reports: A cyber attack on the Ramsey County Social Services may have comprised hundreds of clients’ private health information. In August, hackers gained access to the accounts of 28 employees in an attempt to divert their paychecks. “At Ramsey County this is the first time that we experienced something like this,” said John…
Category: Health Data
Pagosa Springs Medical Center pays $111,400 to settle OCR charges for failing to terminate employee’s access to ePHI after employment ended
Another enforcement action by HHS/OCR was announced today. This settlement involving Upper San Juan Health Service District (d/b/a Pagosa Springs Medical Center) is not an incident that I have been able to locate on HHS’s public breach tool or in this site’s records. According to the resolution agreement, the HHS investigation was opened in 2013. No,…
Data Breach at Florida Dispensary Highlights Vulnerabilities
Lukas Barfield reports: Last week, a Florida medical cannabis dispensary took their website offline after it was found that patient information was obtainable through the site’s basic search function. Sarasota-based AltMed is a licensed Medical Marijuana Treatment Center (MMTC) that also goes by the name MÜV. AltMed responded quickly by taking their website offline after…
UK: NHS to ban fax machines from 2020
From the This-Is-A-Good-Move dept., The Independent reports: Fax machines will be banned across the NHS in a bid to improve patient safety and cyber security. The outdated technology will be phased out by 31 March 2020 under plans announced by health secretary Matt Hancock. NHS organisations will be required to use modern communication methods instead, such as secure…
Report: 30 Percent of Healthcare Databases Exposed Online
Heather Landi reports: Hackers are using the Dark Web to buy and sell personally identifiable information (PII) stolen from healthcare organizations, and exposed databases are a vulnerable attack surface for healthcare organizations, according to a new cybersecurity research report. A research report from IntSights, “Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare Industry,”…
Baylor Scott & White Medical Center – Frisco notifies 47,000 patients after third-party bill payment vendor was hacked.
Baylor Scott & White Medical Center – Frisco, a joint venture managed by United Surgical Partners International (USPI), announced today it has sent letters to approximately 47,000 patients or guarantors whose payment information, including partial credit card information, may have been subject to an inappropriate computer intrusion. Baylor Scott & White Medical Center – Frisco…