As Nuance continues to attempt to restore services following the Petya attack in June, it’s interesting to note their conclusion that this was not a reportable breach under HIPAA.
Category: Health Data
Rogue insiders can go undetected for a long time….
So how are you determining if your Business Associate or vendor has a rogue employee who may be stealing or misusing your patients’ protected health information? A notification from Anthem regarding an incident that affected more than 18,000 Medicare members in 21 states is a timely reminder that out of sight cannot mean out of mind…
Plastic Surgery Associates of South Dakota notifies 10,200 after ransomware attack
From their web site, the practice’s notification. Note that some of the crucial data that might have enabled them to justify no need for notifications was lost/corrupted during the clean-up from the ransomware. Based on reports I’ve read over the past year, losing data during clean-up is not that rare, which should serve as a…
Health data breaches in 2017: The terrible, horrible, no good, very bad year? Join us for webinar!
By now, you’ve probably read at least a few reports on mid-year figures for breaches that suggest that 2017 is worse than 2016. In collaboration with Protenus, Inc., DataBreaches.net has worked up some mid-year figures for U.S. breaches involving health/medical data. Join me and Robert Lord of Protenus on Wednesday, August 2 at 1 pm,…
Women’s Health Group of Pennsylvania Notifies 300,000 Patients of Ransomware Attack
Mitch Blacher and David Chang report: A data breach at one of Pennsylvania’s largest health networks has sparked safety concerns and questions regarding why it took several months for patients to be notified. The Women’s Health Care Group of Pennsylvania, which is based in Oaks, Pennsylvania but has 45 offices serving women in Montgomery, Chester…
Virginia Woman Admits Stealing WVU Medicine University Healthcare Patient Information
The Associated Press has an update on an insider breach previously noted earlier this year: Forty-one-year-old Angela Roberts of Stephenson, Virginia, entered the plea Monday in federal court in Martinsburg. Roberts admitted using someone else’s personal information to commit bank fraud in June 2016 in Berkeley County, West Virginia. She faces up to five years…