Subcontractor

MA: ResiDex Software discloses ransomware incident affecting clients’ patients’ protected health information

And yet another ransomware incident. They do not disclose the number of patients who were notified about this. Of note, sounds like their recovery was pretty smooth because they were prepared. BOSTON, June 18, 2019 /PRNewswire/ — Tenx Systems, LLC d/b/a ResiDex Software (“ResiDex”) specializes in providing software for assisted living homes, group homes, and...

Two Maryland medical practices notify patients after business associate error exposes patient information

Maryland-based Capitol Cardiology Associates (CCA) and Southern Maryland Medical Group (SMMG) are notifying patients because of an incident involving a third-party vendor/business associate. According to their notification letters, on March 14, Meditab Software, Inc. became aware of a potential breach involving protected health information (phi). The breach may have included patients’ medical records or...

And so it begins… state attorneys general investigating American Medical Collection Agency breach

From the Illinois Attorney General’s Office: Chicago — Attorney General Kwame Raoul and Connecticut Attorney General William Tong today announced an investigation into the data breach at American Medical Collection Agency, which may have exposed the personal information of nearly 12 million patients of Quest Diagnostics (Quest) and 7.7 million Laboratory Corporation of America (LabCorp) patients....

Aetna first notifying 238 Virginia employees of BenefitMall breach that they’ve known about since December, 2018?

In January, 2019, we learned about a breach at Centerstone Insurance and Financial Services, Inc. d/b/a BenefitMall, a business associate.  The breach reportedly affected more than 111,000 insurance members/covered employees of the vendor’s clients. HIPAA Journal covered the incident. Yesterday, Aetna issued a public notice  related to the incident. Surprisingly, their notice discloses that...

Unsurprisingly, big numbers from the AMCA breach are starting to be revealed

On May 10, when DataBreaches.net first reported that the American Medical Collection Agency had been breached, we reported that information from 200,000 payment cards had been found for sale on a top-tier market by Gemini Advisory analysts, whose investigation linked those cards to AMCA.  At the time, we did not know how many other...