Health Data

Mount Desert Island Hospital updates its breach disclosure again but still doesn’t reveal what data were leaked

On July 1, DataBreaches reported that  Mount Desert Island Hospital (MDIH) in Maine notified HHS on June 30 that 24,180 patients had been affected by a breach between April 28 and May 7. The types of protected health information involved included name, address, date of birth, driver’s license/state identification number, Social Security number, financial...

OCR Presents: How the Security Rule Can Help Defend Against Cyber-Attacks

The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help regulated entities defend against cyber-attacks. The webinar will discuss real world cyber-attack trends from OCR breach reports and investigations and explore how implementation of...

Israeli mental health center in Jerusalem hit with cyberattack

The Jerusalem Post reports: The Kfar Shaul Mental Health Center in Israel’s capital of Jerusalem was hit with a suspected cyberattack, the Health Ministry said Tuesday. The ministry’s cyber security department, as well as Israel’s Cyber Authority, are looking into the incident. The Times of Israel also reports a cyberattack, but says the suspected...

Conti member indicted for role in 2021 Scripps Health ransomware attack

On September 7, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), in coordination with the United Kingdom, sanctioned 11 individuals who are alleged to be part of the Russia-based Trickbot cybercrime group. At the same time, the U.S. Department of Justice (DOJ)  unsealed indictments against nine individuals in connection with...

Texas Medical Liability Trust updates its data breach notification; now provides notification on behalf of almost 60,000 individuals

In March, Texas Medical Liability Trust on behalf of itself and its affiliates, Texas Medical Insurance Company, Physicians Insurance Company, and Lone Star Alliance, Inc., a Risk Retention Group (collectively “TMLT”) filed a breach notification with the Maine Attorney General’s Office. That submission indicated that 625 individuals had been affected by a breach that...

Bloom Health Centers discloses data breach involving mental health data of 1,545 patients

Updated September 13: This incident was reported to HHS as affecting 1,654 patients. On September 11, Psych Associates of Maryland LLC d/b/a Bloom Health Centers (“Bloom Health”), a mental health service provider, announced a data security incident that involved the personal and protected health information of some clinicians and patients. Before digging into the...