Hunton Andrews Kurth writes: On May 26, 2022, California Attorney General Rob Bonta issued a press release reminding health app providers that California’s Confidentiality of Medical Information Act (“CMIA”) applies to mobile apps that are designed to store medical information, which includes health apps such as fertility trackers. The press release reminds health app providers that the…
Search Results for: HCA
Christus Health ransomware incident involved theft of sensitive patient and employee data
First, the good news (such as it is): a ransomware attack on Christus Health by Avos Locker has not impacted patient care. Now, the bad news: the threat actors acquired — and have already leaked — a lot of sensitive information on patients and employees. On May 11, Avos Locker added Christus Health to their…
Excellus Health Plan Settles Data Breach Suit With Policyholders
Samantha Hawkins reports: Excellus Health Plan Inc. will settle a data breach lawsuit with a certified class over a 2013 hacking incident that compromised the personal data of approximately 10 million policyholders. Matthew Fero, who filed the suit against Excellus and several associated healthcare companies in 2015, claims that customers’ personal identifying information, Social Security…
Health startup myNurse to shut down after data breach exposed health records
Zack Whittaker reports: myNurse, a healthcare startup that provides chronic care management and remote patient monitoring services, said it will shut down at the end of the month after reporting a data breach that exposed personal health information of its users. The startup, which launched as Salusive Health, said in a data breach notice filed…
New York dental insurer reports phishing incident, French hospital group hit in ransomware incident
Healthplex, Inc. in New York provides dental insurance plans. On November 24, 2021, an employee reportedly fell for a phishing attempt. As a result, the insurer notified 76,262 of their insured members whose personal information may have been impacted. They do not make clear whether their investigation confirmed access and exfiltration or just access, so…
NH: Center for Life Management breach impacted mental health clients
From their notice: The Mental Health Center of Greater Manchester (“MHCGM”) is providing notice of a recent data security event that occurred at a third-party community partner MHCGM had used for data storage, Center for Life Management (“CLM”), that may impact the privacy of certain information relating to MHCGM patients or those who were assessed…