From the Pensacola News Journal: The Florida Department of Health has reported a data breach that may have comprised the personal information of some patients in Escambia, Santa Rosa, Okaloosa and Walton counties. The department completed an investigation and found that an unauthorized user compromised the Microsoft Outlook 365 account of an employee of the Children’s Medical…
Category: U.S.
Medical records of 1,216 Upstate University Hospital patients breached by former employee
James T. Mulder reports: An Upstate University Hospital employee inappropriately accessed the medical records of 1,216 patients without a work or job-related reason. Upstate announced it is contacting affected patients and the U.S. Department of Health and Human Services about the privacy breach. The former employee accessed the records between Nov. 3, 2016 and Oct….
PA: May Eye Care notified 30,000 patients after ransomware incident
Ransomware continues to pose a major threat to covered entities, and not surprisingly, an incident reported to HHS in October by a Hanover, Pennsylvania eye care center turned out to be yet another ransomware incident. The practice kindly sent me a copy of the notification letter they sent to 30,000 patients: Dear Sir or Madam,…
AL: Huntsville Hospital reports employee applicant breach at Jobscience
From Huntsville Hospital, this press release yesterday, seen at WAFF: “Regrettably, we’ve learned that Jobscience, Inc., the vendor which we’ve used for online employment application services since 2006, had a data breach which may have involved information from individuals who applied for jobs at Huntsville Hospital. Because of this, notification letters are being sent to…
TX: Metrocare notifies 1,804 patients after employees’ email hacked
On November 1, the Dallas County Mental Health Mental Retardation Center (doing business as Metrocare Services) notified HHS of a breach affecting 1,804. The following is their published notifcation, provided to this site by their spokesperson. DALLAS, TX – Metrocare Services announced today that it is mailing notification letters to some of its community members regarding…
Southwest Washington Regional Surgery Center notifies 2,393 patients after phishing attack exposed their PHI
The Southwest Washington Regional Surgery Center in Vancouver, Washington, recently notified the Oregon Attorney General’s Office of a breach that they discovered on September 25, 2018. Here is the text of their notification, as posted on their web site: Southwest Washington Regional Surgery Center, LLC (“SWRSC”) is committed to maintaining the privacy and security of…