Modernizing Medicine (“ModMed”) is a healthcare technology firm that provides Electronic Health Records (EHR) and practice management software to many HIPAA-covered entities. ModMed recently announced that on July 29, it discovered unauthorized activity in some of its computer servers. The servers in question contained data from some of ModMed’s podiatry clients, and the data was…
Category: Subcontractor
Gatineau gymnastics centre warns members of possible data breach
CBC reports: Thousands of members of a gymnastics centre in Gatineau, Que., may have had their personal and financial data stolen after a possible computer breach. Some 21,000 members of Unigym Gatineau learned about the Oct. 6 breach in an email from the club on Wednesday. The compromised data includes names, contact information, social insurance…
Data breach in 42 Latvian municipalities: DVI imposes 300,000 euro fine on ZZ Dats
LETA reports: The Data State Inspectorate (DVI) has imposed a 300,000 euro fine on SIA “ZZ Dats” in connection with last year’s municipal data breach; the company has appealed the decision in court, the LETA news agency reports. According to the Inspectorate, the data were stored in an information system maintained by ZZ Dats. Upon…
Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
From NY DFS: New York State Department of Financial Services (DFS) Acting Superintendent Kaitlin Asrow today issued new cybersecurity guidance addressing the risks associated with entities becoming increasingly reliant on third-party service providers (TPSPs). The guidance builds on the Department’s ongoing work to protect New Yorkers and DFS-regulated entities from cybersecurity risks through its nation-leading…
Capita hit with £14m fine for personal data breach in 2023 cyber attack
The Information Commissioner’s Office has fined Capita plc and Capita Pension Solutions Ltd a combined £14m following a cyber attack in April 2023 which saw hackers gain access to over 6m people’s data. Stroud News & Journal reports: Outsourcing giant Capita has been fined £14 million by the Information Commissioner’s Office (ICO) for failing to…
$19M in Settlements Underscore Cybersecurity Risks for TPAs and Insurers
Steven L. Imber, Justin T. Liby, Jennifer L. Osborn, Zachary R. Dyer, and Pavel (Pasha) A. Sternberg of Polsinelli PC write: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to substantial settlements to resolve allegations that they failed to adequately safeguard sensitive data from cyberattacks. In the…