Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…
Category: HIPAA
Ca: Olympia House notifying patients about ransomware attack discovered in early August
On August 10, DataBreaches.net reported that Olympia House, an alcohol rehabilitation and drug treatment center in Petaluma, California had apparently been attacked by NetWalker ransomware threat actors but had not responded to an inquiry by this site. By November 9, Olympia House still had not posted any statement on their site or press release, and…
VA: Konikoff Dental Associates notifies patients and employees of possible data breach
WAVY reports: Konikoff Dental Associates Harbour View released a statement on its website warning patients of a possible data breach. The statement says the dentistry became aware of the incident on October 11 and it may affect the security of personal information for some patients and employees. Read more on WAVY. The dental practice’s full…
Maine disability services provider notifies 3,000 patients after thwarting ransomware attack
Here’s another incident where patients are not being offered any mitigation services — in this case, presumably because the entity and its external IT vendor could not find any evidence that ransomware threat actors had ever accessed, copied, or exfiltrated any data. Employment Specialists of Maine is a service provider for adults with mental health…
Cedar Springs Hospital notifies patients of breach after state loses drive with patient data
Yesterday, Cedar Springs Hospital in Colorado issued a press release about an incident that involved the state. They explain: Cedar Springs Hospital recently received a request from its licensing agency, the Colorado Department of Public Health & Environment (“CDPHE”), for certain hospital records. As a licensed healthcare provider, Cedar Springs Hospital is subject to periodic…
Former Elgin Mental Health Center Employee Charged With Identity Theft
CBS Chicago reports: Illinois State Police announced Wednesday that they have arrested a former Elgin Mental Health Center employee on identity theft charges. Kayla Brown, 25, of Country Club Hills, has been charged with a total of four felony counts of identity theft. She is an employee of the Illinois Department of Human Services, which…