There’s an update to a breach previously reported on this site in 2018. From HHS: Oklahoma State University – Center for Health Sciences (OSU-CHS) has paid $875,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and agreed to implement a corrective action plan to settle potential…
Search Results for: HCA
Ca: How the court bolstered an insurer’s exclusion for privacy breach
David Gambrill reports: Acting recklessly in breaching the confidential medical files of patients effectively falls within a hospital insurer’s commercial policy exclusion for committing an ‘intentional act,’ Ontario’s top court has ruled. The Ontario Court of Appeal found a hospital insurer, the Healthcare Insurance Reciprocal of Canada, does not have a duty to defend a…
A community health provider in Vermont and an addiction rehab organization in Pennsylvania fall prey to BlackByte
Two medical entities appear to have recently fallen prey to attacks using BlackByte’s ransomware, and both entities have now had some of their data leaked on BlackByte’s dedicated leak site. Lamoille Health Partners Lamoille Health Partners in Vermont serves the Lamoille County community’s healthcare needs. As such, they provide a range of comprehensive services that…
More details emerge on Professional Finance Company ransomware incident, but questions remain
A ransomware attack on Professional Finance Company (PFC) has some of us who track breaches in the healthcare sector wondering how large this breach will be. The last time we saw a big breach involving a collection agency was in 2019. The American Medical Collection Agency filed for bankruptcy pretty quickly and the total number…
Professional Finance Company, Inc. is providing breach notifications to patients of 657 covered entities
So this one could be another big one: Professional Finance Company, Inc. (“PFC”), an accounts receivable management company that provides assistance to various organizations (including healthcare providers), announced today that it is notifying individuals whose information may have been involved in a recent network security incident. On February 26, 2022, PFC detected and stopped a sophisticated…
Patient information compromised in OrthoNebraska data breach
Omaha World-Herald reports: A December 2021 data breach put some OrthoNebraska patients’ personal and health information at risk, according to a statement released by the health organization Thursday. In early December 2021, an unauthorized individual or individuals gained access to an OrthoNebraska email account, sent out spam messages and gained access to protected personal and…