17 healthcare privacy incidents in May

Numerous privacy incidents at hospitals, IT suppliers and other healthcare organizations captured public attention last month.

While some security incidents only affected a few hundred individuals, others were said to have affected more than 1.5 million.

17 healthcare privacy incidents reported by Becker's Hospital Review in May:

Editor's note: Incidents are presented in order of the number of patients or organizations affected.

1. Inmediata Health Group, a healthcare clearinghouse company, has notified its customers of a data breach that may have exposed the personal information of more than 1.5 million people.

2. Gulfport (Miss.) Anesthesia Services sent letters to 14,000 patients alerting them that their files had gone missing from the practice's storage facility.

3. An employee at Independent Health emailed the information of 7,600 members on March 19 to an unauthorized individual.

4. Centennial, Colo.-based Centura Health began notifying 7,515 patients in May that their information may have been exposed due to a phishing attack.

5. Cincinnati-based TriHealth has alerted 2,433 patients that their data may have been shared with a student mentee in June 2018.

6. Seattle-based Bloodworks, Northwest is notifying 1,893 patients of a March data breach that may have exposed patients' personal information.

7. St. Joseph, Mich.-based Spectrum Health Lakeland is notifying 1,100 patients about a data breach at its billing services vendor that may have put patients' personal information at risk.

8. Philadelphia-based Penn Medicine alerted around 900 patients that their information may have been improperly viewed by a former medical assistant at the hospital.

9. Houston-based Memorial Hermann Health System is notifying more than 600 patients that their financial information may have been exposed.

10. An employee at Toledo, Ohio-based ProMedica stole patient data between April 2017 and March 2019, the U.S. Secret Service alleges.

11. Columbus (Wis.) Community Hospital began notifying patients May 24 that a phishing attack at one of its vendors may have exposed their data.

12. Microsoft is alerting users of its operating systems that a bug, which it has since released patches for, could be used as a cyber-weapon similar to the WannaCry worm.

13. Hackers stole more than $40 million worth of bitcoin on May 4 from one of the world's largest cryptocurrency exchanges.

14. A Paramus, N.J.-based orthopedic surgeon is alerting patients that their personal information may have been exposed due to a ransomware attack in January at his practice.

15. A phishing attack on an employee's email account at Oregon State Hospital may have exposed patients' protected health information.

16. The Department of Homeland Security and Philips issued an alert that the information technology vendor's EMR system Tasy has a cross-site scripting vulnerability that could put patient information at risk.

17. Security researchers uncovered two vulnerabilities in Cisco enterprise routers that could allow hackers to remotely and fully compromise a router's network without alerting the user.

More articles about health IT:
HHS OIG warns against genetic testing scam
Battle of the coasts: How Boston-based digital health companies compete with Silicon Valley for tech talent
Smaller tech 'tweaks' add up to make a big impact on clinical care

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months