On November 16, the Center for Vitreo-Retinal Diseases in Illinois notified HHS of a breach that they coded as “unauthorized access/disclosure” involving PHI on the network server. Here is the notice on their web site that describes what the ransomware incident: The Center for Vitreo-Retinal Diseases has become aware of a potential data security incident…
Search Results for: patient
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after phishing attack
Another day, another successful phishing attack in the healthcare sector. From the web site of Georgia Spine and Orthopaedics of Atlanta: Georgia Spine and Orthopaedics of Atlanta (“GSO”) was a recent victim of an email “phishing” scam that resulted in unauthorized access to an employee’s email account. “Phishing” involves scammers sending emails that look legitimate,…
About 2.65M patients at Charlotte’s Atrium Health hit with third-party data breach
Caroline Hudson reports: About 2.65 million patients of Charlotte-based Atrium Health were recently hit with a data breach in which unauthorized parties gained access to their information. Hackers attempted to lift patient information over a weeklong period from Sept. 22-29. The data was stored in a third-party system provided by AccuDoc Solutions Inc., which provides…
Mercy Medical Center – North Iowa notifies 1,900 patients after insider wrong-doing discovered
Ashley Stewart reports: Mercy Medical Center–North Iowa has notified about 1,900 individuals of a potential data breach involving their health records and personal information. In notification letters mailed to affected individuals and their families Nov. 26, patients were told their protected health information may have been “inappropriately accessed by an employee between July 2017 and…
Allergy practice pays $125,000 to settle doctor’s disclosure of patient information to a reporter
From HHS, this enforcement action press release: Allergy Associates of Hartford, P.C. (Allergy Associates), has agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act…
OVMC, EORH patients diverted to other hospitals after ransomware attack
Linda Comins of The Intelligencer is reporting: Emergency squad patients are being diverted away from Ohio Valley Medical Center and East Ohio Regional Hospital this weekend because the hospitals’ computer system has been attacked by Ransomware. Karin Janiszewski, director of marketing and public relations for OVMC and EORH, confirmed Saturday afternoon that a Ransomware attack…