RGH Enterprises, Inc. d/b/a Edgepark Medical Supplies (“Edgepark”) is an Ohio medical supplies provider that ships products directly to patients and bills their insurance for them. Rise Interactive Media & Analytics, LLC (“Rise”) is an Illinois firm that provides digital marketing services for Edgepark as a business associate. They also provide analytics and other services…
Category: Subcontractor
FL: Brooks Rehabilitation notifies patients of pixel tracking breach
On January 30, Brooks Rehabilitation (“Brooks”) in Florida disclosed that in December, they discovered tracking technology vendors that provide services to Brooks were able to view/access individually identifiable health information (IIHI) provided when a website user provided contact information or feedback via a Brooks website. The data transmitted could have included information such as name;…
Community Health Systems estimates 1 million patients impacted by vendor’s GoAnywhere breach
Sometimes our first report of a data breach comes in an 8-K filing to the Securities and Exchange Commission. Such is the case with a breach affecting Community Health Systems, Inc. in Tennessee. In its 8-k filing of February 13, CHS discloses that they were recently notified by Fortra, LLC, a third party vendor of…
Medical records for 4,158 Garrison Women’s Health patients lost due to attack on IT vendor
Fosters reports: Medical records of Garrison Women’s Health patients were recently “subject to unauthorized third-party activity,” according to information released Friday evening by Wentworth-Douglass Hospital. For 4,158 patients, data such as appointment records and some personal health information cannot be restored, according to Adam Bagni, spokesperson for the hospital. The hospital states “there is no evidence” the information…
The Center for Autism and Related Disorders notifies patients after vendor’s error caused HIPAA breach
The Center for Autism and Related Disorders (“CARD”) has locations throughout the U.S. On January 24, it experienced a reportable breach when “as part of a recent update to its patient billing systems, the third-party vendor responsible for generating patient invoices incorrectly made a computer error which resulted in certain caregivers receiving an invoice for…
Bits ‘n Pieces (Trozos y Piezas)
EC: Seguros Equinoccial S.A data keaked by Vice Society On January 28, data allegedly from Seguros Equinoccial S.A. was added to Vice Society’s leak site. Seguros Equinoccial offers various kinds of life, auto, corporate, and other insurance plans to individuals, families, and businesses. Inspection of the leaked data revealed a folder called “bck” with 25…