North Florida OB-GYN discloses April ransomware incident
Lindsey Nolen reports:
North Florida OB-GYN has notified its patients of a data breach that the health care system became aware of on July 27.
A portion of the health care provider’s computer systems were affected by the cyber incident on or before April 29, according to North Florida OB-GYN.
Read more on CBS 47. The notification indicates that the practice
has decrypted (made readable again) or recovered virtually all of the affected files and has taken actions to strengthen security safeguards for the affected systems and prevent similar incidents.
They do not indicate whether their ability to decrypt files was because they paid any ransom to obtain a decryption key.
The practice has reportedly notified HHS. As in many similar cases, the practice’s investigation found no evidence that any unauthorized person had actually viewed, retrieved, or copied any of medical or personal information, but under HHS’s interpretation of HIPAA, the practice notified patients and HHS because they couldn’t prove definitively that no access had occurred.