Health Data

New Notification Requirements in New York for Healthcare Providers Facing a Cybersecurity Incident

Frank J. Fanshawe, Joseph J. Lazzarotti, Jason C. Gavejian and Maya Atrakchi of JacksonLewis write: On August 12, Mahesh Nattanmai, New York’s Chief Health Information Officer, issued a notice letter (“the notice”) on behalf of the New York State Department of Health (“Department”) requiring healthcare providers to use a new notification protocol for informing...

IA: Virginia Gay Hospital notifies patients after discovering compromised employee email account

As posted on the hospital’s web site on August 15: Virginia Gay Hospital Notifies Patients of Security Incident Vinton, Iowa (August 15, 2019) – Virginia Gay Hospital has become aware of a data security incident that may have resulted in the disclosure of the personal information of its patients. Virginia Gay Hospital immediately investigated...

Grays Harbor Community Hospital and Harbor Medical Group notifying 85,000 patients of ransomware incident; Not all EMR have been recovered

Back in July, this site noted a media report about a ransomware attack on Grays Harbor Community Hospital. At the time, and although the incident had first been reported in the media on June 19, the hospital was still not disclosing a lot of details. Yesterday, the hospital issued a formal notice about the...