Nicole Duran reports: The Obama administration has rehired an outside contractor that was partly responsible for what many think was the largest theft of personal information from the government in U.S. history, even as it continues to boast of several new steps it is taking to enhance federal cybersecurity. […] One of them is Key…
Category: Subcontractor
UPDATE: 5,000 Marin Medical Practices Concepts patient records lost during recovery from ransomware attack
In August, I noted a ransomware attack on Marin Medical Practices Concepts (MMPC), a business associate providing billing and EMR services to many physicians. The ransomware prevented the physicians from accessing patient records for more than 10 days, and Marin decided to pay an undisclosed amount of ransom. In an August 4 statement, however, they…
Newest OCR settlement highlights need to review and update Business Associate Agreements
A newly announced settlement between HHS OCR and Care New England reinforces what DataBreaches.net and Protenus, Inc. have been trying to remind everyone of this week: pay more attention to your business associate agreements and do so regularly. Care New England Health System (CNE), on behalf of each of the covered entities under its common ownership…
Napa Valley Dentistry notifies patients after theft of server from storage facility
A dental practice that purchased another dentist’s practice in 2012 finds itself having to notify their patients and his former patients after the theft of a server from a storage facility. In a letter to their patients and those of Dr. Justin Quinn, Dr. Justin Newberry of Napa Valley Dentistry states that on August 11, they discovered that a password-protected…
MA: Codman Square Health Center notifies members after breach at NEHEN
Notice of breach of unsecured health information This is a notice for patients whose information is accessible through New England Healthcare Exchange Network (NEHEN). On July 13, 2016, Codman Square Health Center was notified that a health information exchange was accessed without authorization and against Codman’s policies. The individual accessed information of many individuals that…
Report: Third-Party Breaches in the Healthcare Sector Are Nothing to Sneeze At
DataBreaches.net has reported on a number of breaches in the healthcare sector this year that involved third parties, so I thought that I’d try to compile them to see how 2016 was shaping up. The resulting chronology, available in a new report co-authored with Protenus, Inc., includes more than 60 incidents involving business associates or vendors. Highlights of the…