Ouch. The Pain Treatment Centers of America and Interventional Surgery Institute in Arkansas have been notifying HHS and 19,397 patients about a security incident involving their vendor, Bizmatics. I had reported last month that Bizmatics’ breach impacted at least 30,000 patients of two other clients. PTCOA becomes the third provider we now know about. I’ve emphasized some statements in PTCOA’s notice,…
Category: Subcontractor
Denver Archdiocese payroll system breached, 18,000 at risk
So which vendor was responsible for this one? The archdiocese wouldn’t answer that question when I put it to them…. Tom McGhee reports: Authorities are investigating a data breach at the Catholic Archdiocese of Denver that put current and terminated employees, their dependents, spouses, and beneficiaries at risk of ID theft. A third-party software provider…
Fourteen school systems impacted by Innovak Intl breach – IRS
So Innovak International never responded to my inquiries, but an IRS investigator reportedly told others that 14 school systems – three in Alabama and 11 in Mississippi – were impacted by their breach involving employees’ w-2 statements. Innovak’s web site, which never looked particularly confidence-inspiring to me to begin with, has a statement that says: We are currently…
Alabama CVS’ patient information at risk after laptop stolen
Kelly Poe reports: A laptop that contained prescription and patient information on customers of a CVS Pharmacy in Calera has been stolen. CVS learned on March 22 that the password-protected laptop had been stolen from a vendor. The laptop contained information about customers who have had prescriptions filled at the CVS store at 8370 Highway 31…
US jury fines Tata Consultancy Services $940m for healthcare software ‘theft’
Speaking of a contractor’s employees exceeding authorized access, Chidanand Rajghatta reports that a Wisconsin federal jury slapped a $940-million penalty, including $700 million in punitive damages, on Tata Consultancy Services (TCS) for allegedly stealing healthcare software from an American company, Epic Systems. Epic Systems, a US-based electronics medical records vendor, had accused TCS of stealing documents and…
University employees vulnerable after tax data breach involving W-2 vendor
Hannah Knowles reports that a breach involving a W-2 vendor has left employees in the education sector at risk of tax refund fraud. This time, it’s W-2 Express and Stanford University, although other clients of W-2 Express are also reportedly affected: At least 600 current and former Stanford employees are vulnerable to tax fraud following the illegitimate download…