Sarah Meehan reports: The University of Maryland Medical System is investigating a malware attack on its computer system that occurred early Sunday, according to the hospital network. A ransomware-style attack affected about 250 of the hospital system’s 27,000 devices, said Jon Burns, the hospital system’s senior vice president and chief information officer. Because the group’s…
Category: Health Data
NJ Fines Health Insurance Provider $100K For Personal Information Breach
Kimberly Bosco reports: New York-based health insurance provider EmblemHealth, Inc. is paying the state of New Jersey a hefty fine for disclosing confidential personal information of over 6,000 New Jersey customers. Attorney General Gurbir S. Grewal and the Division of Consumer Affairs announced on Dec. 10 that EmblemHealth will pay NJ a $100,000 civil penalty….
Thielen Student Health Center accidentally leaks patient names, appointment dates
Kaitlyn Hood reports: Thielen Student Health Center (TSHC) experienced a data leak where inadvertently disclosed student information could be seen. Erin Baldwin, director of Thielen Student Health Center said on Nov. 5 the TSHC experienced a breach in their system when a coding error occurred as they put student information into a system to be…
Twelve US states join for the first time to file multistate data breach lawsuit
Catalin Cimpanu has a good write-up about the multistate lawsuit against Medical Informatics that I noted earlier this week: Attorneys general from twelve US states have joined together to file the first-ever joint cross-state HIPAA lawsuit against a healthcare provider that got hacked in the summer of 2015. The lawsuit, filed in an Indiana court…
Florida contractor physicians’ group settles HHS claims after they failed to have a BA agreement in place with a vendor who had a breach
There is a follow-up to a 2014 breach reported on this site at the time. But it turns out there was an interesting twist to this case that HHS followed up. Here is their press release: Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the…
Medical Informatics sued by multiple states over 2015 breach
A 2015 hack of Medical Informatics stayed in the headlines for quite a while because it compromised the data, including health information, of 3.9 million people. In addition to suits filed by consumers, state attorneys general have also sued the business associate, as Dave Gong reports: Fort Wayne-based Medical Informatics Engineering Inc. failed to secure…