There were a couple of notable HIPAA breaches last week that I wanted to share with you. One of them was Brooklyn Hospital. They were hit with a Ransomware attack. From what is being reported, patient data was not only exposed, it was permanently lost! This is the ultimate issue that HIPAA Laws are trying to help us prevent. Losing data puts the patient record at risk and could cause problems with patient treatment. Anyway, Despite remediation efforts to recover all the data infected with malware, the hospital determined in September that certain patient data were unrecoverable. There is no evidence data were accessed or acquired or of any attempted misuse of the data, the hospital said.
The other breach was a healthcare system in Maine. According to a press release Tuesday, Nov. 5, InterMed, P.A. first learned about the unauthorized access to one of its employee’s email accounts on September 6. The company says it took immediate action to secure the account and hired a nationally recognized forensics team to conduct a comprehensive, independent investigation. The investigation found that three other employee email accounts were also hacked between Sept. 7 and Sept. 10, 2019. As a result, InterMed says it reviewed the messages and attachments in the email accounts and found they contained the information of roughly 30,000 of its patients.
I feel for these facilities. We can put your network inside of Fort Knox and if someone clicks on something they shouldn’t, your network is compromised. Education is becoming more and more important and the key to keeping your network safe.