So here’s yet another breach with what seems like a long delay to notification. In this case, Re-Solutions, a division of RSC Insurance Brokerage in Massachusetts, is a business associate to healthcare providers. On August 23, 2018, an employee’s laptop was stolen. In its disclosure letter, the laptop was described as “password-protected,” but there was…
Category: Subcontractor
MA: Emerson Hospital reports data breach
Robert Mills reports, in relevant part: Emerson Hospital is offering a two-year membership to an identity protection service to 6,300 patients whose personal information was part of a data breach caused by a third-party vendor last year. In a statement released Friday, the hospital said the data breach occurred between May 9 and May 17…
Should Companies Terminate Third Party Vendors That Cause A Data Breach?
Joseph Lazzarotti of Jackson Lewis writes: According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks – property valuation firm, LandMark White. As expected, the banks are investigating and in some cases notifying customers about…
MI: Thousands of Mary Free Bed patients impacted by Wolverine’s ransomware incident (with updates)
Note: This post started out being about Mary Free Bed being impacted by the Wolverine Solutions breach previously discussed on this site, but as other entities affected have been identified, this post is being updated to name them. Fox17 reports on yet another victim entity caught up in the Wolverine Solutions breach: Thousands of patients…
Health Alliance Plan notifies more than 120,000 patients of Wolverine Solutions Group breach
Entities affected by the Wolverine Solutions Group breach continue to be revealed. The ransomware incident at the business associate, was reported previously on this site as impacting more than 700 firms who are clients of Wolverine, and more than 1.2 million of those clients’ patients or clients. Today, the Detroit Free Press reports that Health Alliance…
Rush University notifies 45,000 patients after discovering insider wrongdoing at claims processing vendor
Last month, Rush University Hospital notified HHS of a breach that they reportedly discovered in December. The breach, affecting 908 patients, was coded as an Unauthorized Access/Disclosure incident with data located in paper/film format. At the time, Becker’s Spine Review reported that the incident was a mailing mix-up: According to the letter sent to affected patients,…