A news report from a few days ago is actually a good example of the frustration some experience with OCR investigation of breaches. TL;DR version: a breach was reported by the media in March, 2017. This site also noted it. But now, more than one year later, there have been no consequences for the entity,…
Category: Health Data
Central New York Cardiology notifies 824 patients after appointment records recovered by USPS from mail receptacle
I’m not sure I understand from the notification (reproduced below) how this incident occurred, but Central New York Cardiology is notifying 824 patients after the post office sent them a package of patient records that had been found loose in a mail receptacle. The records were appointment lists from October 2017 that, according to CNYC, should…
Follow-up: More than 1200 people could receive settlements after Flowers Hospital data breach
WTVY reports that if a federal judge approves a proposed settlement of a class action lawsuit, more than 1200 patients of Flowers Hospital in Alabama might receive reimbursement for credit monitoring expenses, payment for up to four hours of lost wages dealing with the breach, and a refund of any interest lost due to tax refund…
Some Kanawha County employees receive data breach notices after ComplyRight breach
Rick Steelhammer reports: Some Kanawha County employees whose health insurance coverage is issued through the county may have had personal information accessed during a data breach of the website of a cloud-based human resources servicing firm. Florida-based ComplyRight, which offers an array of HR-related data services to small businesses and government organizations, informed Kanawha County…
NorthStar Anesthesia notifies patients after employee email accounts compromised
Between May 23 and 24, 2018, NorthStar learned of an email phishing campaign that resulted in the compromise of certain employees’ email credentials. NorthStar immediately took steps to respond and commenced an investigation to determine the nature and scope of the incident, as well as determine what information may be affected. The investigation included working…
AU: Patients’ concerns over hacking incident at Ochre Health Wollongong
Lisa Wachsmuth reports: A “cyber incident” at a Wollongong medical centre has patients concerned their records may be lost, or even illegally accessed. GPs at Ochre Health Wollongong have been unable to access their patients’ medical records for two weeks after the incident which has still not been resolved. A spokesperson for Ochre Health has moved…