Updated Feb. 22, 2019. DataBreaches.net was notified that HHS had finally removed the disputed listing from their portal. But when I checked, I found that it had not really been removed. OCR had closed its case and moved the entry to its archived list, with the following note: On November 13, 2018, OCR received a…
Category: Health Data
Thundermist Health Center dealing with ‘ransomware’ attack
Sarah Doiron reports from Rhode Island: A local health center is working to resolve problems with its computer system after officials say it was the target of a “ransomware” attack. Thundermist Health Center, which is based out of Woonsocket and has offices in South Kingstown and West Warwick, was hit with the attack around 8…
IL: Center for Vitreo-Retinal Diseases notifies more than 20,300 patients after ransomware attack
On November 16, the Center for Vitreo-Retinal Diseases in Illinois notified HHS of a breach that they coded as “unauthorized access/disclosure” involving PHI on the network server. Here is the notice on their web site that describes what the ransomware incident: The Center for Vitreo-Retinal Diseases has become aware of a potential data security incident…
Amendments to data breach notification law in Colorado impact HIPAA-regulated entities
Kiss that 60-days to notify patients HIPAA bit goodbye if you’re doing business in Colorado. Julie A. Sullivan and Loreli Wright of Greenberg Traurig, LLP write: Passed during the 2018 state legislative session, House Bill 18-1128 went into effect on Sept. 1, changing Colorado’s law on the protection of personally identifying information and the procedure businesses must…
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after phishing attack
Another day, another successful phishing attack in the healthcare sector. From the web site of Georgia Spine and Orthopaedics of Atlanta: Georgia Spine and Orthopaedics of Atlanta (“GSO”) was a recent victim of an email “phishing” scam that resulted in unauthorized access to an employee’s email account. “Phishing” involves scammers sending emails that look legitimate,…
NC: Wilmington city employees’ health insurance info exposed by email error by BCBS NC
Emily Featherston reports: Email is no stranger to being linked to cases of identity theft and data breaches. Most of the time, the thief sends a phishing message that coaxes information out of the victim or brings along viruses or malware. However, a single email led to the improper release of the information of 158…