Category: Healthcare

Created with Sketch.

Chautauqua Center (TCC) in New York disclosed a HIPAA breach by a business associate. The business associate’s error resulted in the protected health information of 747 physical and occupational therapy patients becoming accessible to other covered entities

According to their victim notification letter, the breach occurred on December 22 at WebPT which provides electronic medical record (EMR) services for Chautauqua Physical and Occupational Therapy. In a letter sent to TCC dated January 13, WebPT explained that the error occurred during an upgrade. In response, WebPT disabled access within 19 hours of the…
Read more

Sentara Health is notifying 741 patients of a data leak after a mistake by a Coronis Health employee

Sentara Health in Virginia reports that on Dec. 19, an anonymous person called their hotline to report that while searching for something online, the caller came across an exposed file with Medicare patient billing information. Sentara quickly verified the caller’s report and determined that the file was uploaded to the Adobe Acrobat website by an…
Read more

The websites of nine hospitals in Denmark went down on Sunday evening following Distributed Denial of Service (DDoS) attacks by Anonymous Sudan group

The Copenhagen Health Authority said on Twitter that although the hospitals’ websites were down, medical care at the facilities was not affected by the attacks and the websites were back up after two hours. Anonymous Sudan claimed that the attacks were “due to the burning of the Koran”, a reference to the incident in Stockholm…
Read more

Trove of LA student mental health records released to DarkNet after cyber attack

Detailed and highly sensitive mental health records of hundreds — and possibly thousands — of former Los Angeles students were released online after the city’s school district fell victim to a massive ransomware attack last year, an investigation by The 74 has revealed. The psychological evaluations of the students, released to the dark web leak…
Read more

Medical records of 4,158 Garrison Women’s Health patients lost due to IT vendor attack

Medical records of Garrison Women’s Health patients were recently “subject to unauthorized third-party activity,” according to information released Friday evening by Wentworth-Douglass Hospital. For 4,158 patients, data such as appointment records and certain personal health information cannot be recovered, according to Adam Bagni, a hospital spokesman. The hospital says there is “no evidence” the information…
Read more

The Center for Autism and Attention Deficit Disorder (“CARD”) suffers a data breach after a vendor error caused a HIPAA violation

The Center for Autism and Attention Deficit Disorder (“CARD”) experienced a data breach on January 24 when “as part of a recent update to its patient billing systems, the third-party vendor responsible for generating patients and invoices incorrectly made a computer error that resulted in certain therapists being invoiced for services for a patient unrelated”.…
Read more

California Medical Group data breach affects 3.3 million patients

Multiple medical groups at Heritage Provider Network in California suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The medical groups affected by the cyber attack are Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group and Greater Covina Medical. The companies jointly released a data breach notification earlier this month and shared a…
Read more

Federal regulators fine Banner Health $1.25 million over HIPAA breach

The enforcement action against the Phoenix, Arizona-based nonprofit, announced Thursday, is the first seven-figure monetary penalty in a HIPAA violation case by the Department of Health and Human Services and Civil Rights since January 2021. Over the past two years, the firm has focused more on obtaining settlements against organizations in cases involving alleged violations…
Read more

Skip to content