On October 5, Salud Family Health in Colorado notified HHS of a breach, but only provided a “marker” of 501 affected. On November 4, they provided notice that said the types of information that might have been accessed or taken included in a cyberattack included: patients’ name, Social Security number, driver’s license number or Colorado…
Category: U.S.
Avamere Health Services updates its breach disclosure
Back in July, DataBreaches reported on an Avamere Health Services breach. Avamere has now updated their breach notification. Their newer notice is being provided on behalf of the following entities to whom Avamere is a Business Associate as defined under the Health Insurance Portability and Accountability Act (“HIPAA”): A-One Home Health Services, LLC Avamere at…
Booz Allen Hamilton Holding Corporation notifies employees of insider breach
Booz Allen Hamilton Holding Corporation has disclosed an insider breach involving the sensitive, personally identifiable information (PII) of active employees as of March 29, 2021. According to their notification, a copy of which was submitted to the Montana Attorney General’s Office, Booz Allen recently learned that while employed by Booz Allen, a former employee obtained…
20 million Americans in 21 states ‘are still at risk of dangerous healthcare after cyberattack’: IT breach at one of biggest hospital chains in the US has already caused overdoses, cancer delays and ambulance diversions
Caitlin Tilley reports: Twenty million Americans are at risk of ‘dangerous’ healthcare after a cyberattack at one of the country’s biggest hospital chains last month, security experts have told DailyMail.com. CommonSpirit Health — a system that runs 140 hospitals, and more than 1,000 care sites including cancer clinics, surgery hubs and stroke centers— suffered a major IT breach…
Yale Medicine discloses breach of doctor’s prior patient records system
From an incident report appearing on Yale Medicine’s website: Yale Medicine has discovered a cybersecurity incident, involving the records of patients seen by Dr. Tito Vasquez at his former practice, Connecticut Plastic Surgery Group LLC, between 2009 and May 2021. This notice concerns a data security event that may have resulted in unauthorized access to…
When was the last time you checked on the paper records you put in storage somewhere?
A cardiology practice recently discovered that early patient records stored in a basement locker had been stolen at some unknown time. Given that these were paper account ledgers, is there even a backup so that the practice will have the names and then-contact information of everyone who should be notified? Their media notice does not…