On March 15, Jessica Gavin reported: A cyber security breach, striking Methodist Hospital in Henderson. We’re learning the FBI is investigating this right now, but there’s some good news. [….] David Park, COO of Methodist, tells 14 NEWS the hackers have copied patients records and locked those copies. They’ve deleted the originals. “We’ve notified the FBI,…
Ransomware Propagation Tied to TeamViewer Account
As if you needed another reason to distrust remote access viewers, David Bisson reports: Researchers have tied the propagation of a new type of ransomware to a TeamViewer user. TeamViewer is a cross-platform service that enables remote computer access for tech support calls, meetings, and other purposes. It has been installed on more than a billion devices,…
Featured Story: Henry Ford Healthcare System: creating a culture of privacy
Over the past decade of reporting on healthcare sector breaches, I can probably count on one hand the number of entities who have impressed me that they really “get” that responding to a privacy breach is not primarily about data or statutory notifications. It’s about addressing any distrust or anxiety patients may feel about you protecting their confidentiality, because…
Not our hack, not our data breach: Greenshades
Although media reports this month have been talking about a hack of payroll services provider Greenshades that has resulted in clients’ employees discovering that their identity info has been used for fraudulent returns, Greenshades want you to know that they haven’t had a breach of their system. Earlier this week, Karen Berkowitz reported that District…
Missing mental health assessments result in HIPAA notifications by VA to 373 veterans
I was skimming the Veterans Administration report to Congress on data breaches and incidents for February and thinking, “Hey, this looks pretty good this month,” and then…. I saw an incident involving the VA Midwest Health Care Network in St. Cloud, Minnesota. On February 9, a staff member conducted group meetings to complete a paper packet with…
NJ: Virtua Medical Group notifies 1,654 patients whose information was exposed on Internet (updated)
On March 11, Burlington County Times reported: Virtua Medical Group, the network of doctors exclusively affiliated with the South Jersey health system, reported Friday that patient information — including names and treatments over a five-year period — was accidentally released and viewable on the Internet in January. The medical group learned on Jan. 21 that…