This may be one of the best breach notifications I have ever read — for its plain language, clarity, and lack of attempt to spin. Not only did these folks respond promptly to an attack, but they had usable backups, stopped the attack quickly, and just…. handled this so well, it seems. Maybe they didn’t…
Category: HIPAA
MEDNAX Services notifies patients of data breach
Another business associate under HIPAA has disclosed a breach. You may not recognize their name, but they may handle your medical group’s billing or other functions, so if you get a letter from “MEDNAX,” don’t just assume it’s a scam. Florida-headquartered MEDNAX Services, Inc provides revenue cycle management and other administrative services to physician groups. …
OCR Releases Its 2016-2017 Audit Report on Health Care Industry Compliance with the HIPAA Rules
Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…
Ca: Olympia House notifying patients about ransomware attack discovered in early August
On August 10, DataBreaches.net reported that Olympia House, an alcohol rehabilitation and drug treatment center in Petaluma, California had apparently been attacked by NetWalker ransomware threat actors but had not responded to an inquiry by this site. By November 9, Olympia House still had not posted any statement on their site or press release, and…
VA: Konikoff Dental Associates notifies patients and employees of possible data breach
WAVY reports: Konikoff Dental Associates Harbour View released a statement on its website warning patients of a possible data breach. The statement says the dentistry became aware of the incident on October 11 and it may affect the security of personal information for some patients and employees. Read more on WAVY. The dental practice’s full…
Maine disability services provider notifies 3,000 patients after thwarting ransomware attack
Here’s another incident where patients are not being offered any mitigation services — in this case, presumably because the entity and its external IT vendor could not find any evidence that ransomware threat actors had ever accessed, copied, or exfiltrated any data. Employment Specialists of Maine is a service provider for adults with mental health…