Jason Murdock reports: A Swiss mobile phone operator has admitted its data systems were breached late last year and the contact details of about 800,000 customers were compromised. Swisscom said on Wednesday (7 February) that the names, addresses, telephone numbers and dates of birth of customers were accessed by an unknown party, which got the…
Category: Subcontractor
Court Declines to Dismiss Claims Against Business Associate Subcontractor Responsible for HIPAA Breach
CVS Pharmacy, Inc. v. Press America, Inc., 2018 WL 318479 (S.D.N.Y. 2018) A federal court has declined to dismiss a lawsuit filed by a pharmacy benefit manager (PBM) against a mail service that violated the HIPAA privacy rule when it misaddressed mail and improperly disclosed protected health information (PHI) of 41 individuals. The PBM, which…
Forrest General Hospital patients notified after business associate breach involving protected health information
HORNE LLP (“HORNE”) is providing notice of an incident that occurred at HORNE and may affect the security of protected health information of certain Forrest General Hospital patients. HORNE has access to these individuals’ personal health information as part of services HORNE provides for Forrest General Hospital with certain Medicaid reimbursement services. While HORNE is…
Eastern Maine Medical Center notifying 660 cardiac ablation patients after vendor’s hard drive discovered missing or stolen
Meg Haskell of the Bangor Daily News reports that 660 patients at Eastern Maine Medical Center will be receiving letters that their personal information was on a hard drive that was discovered missing on December 22, 2017. The hard drive, owned and operated by an unnamed vendor, held information on patients who underwent cardiac ablation between Jan. 3,…
Allscripts Hit with Class-Action Complaint After Ransomware Attack
Can’t say that I’m surprised, not after reading that practices were having to turn patients away because they couldn’t access their patient records or billing records. Rajiv Leventhal reports that a class action complaint has been filed against Allscripts: It was just last week when electronic health record (EHR) vendor Allscripts suffered a ransomware attack…
Tupelo schools impacted by Questar data breach
Daily Journal reports: The Mississippi Education Department’s assessment vendor, Questar Assessment, Inc., reported today that 562 students in the Tupelo Public School District were impacted by the data breach the company discovered last week. Questar’s preliminary analysis found that an unauthorized user viewed student assessment records between Dec. 31, 2017 and Jan. 1 from Tupelo…