The following breaches in healthcare were reported this week:
Village Pharmacy Group data breach
Village Pharmacy Group, a healthcare provider in Massachusetts, reported a data breach on November 18, 2024. The breach was caused by a hacking/IT incident involving email, affecting 584 individuals. The exposed data included personal and health-related information.
Berkshire Nursing & Rehab Center, LLC data breach
Berkshire Nursing & Rehab Center, a healthcare provider in Illinois, reported a breach on November 18, 2024, impacting 4,237 individuals. The breach occurred due to a hacking/IT incident involving their network server, potentially exposing sensitive health information.
The Arbors Operator, LLC data breach
The Arbors Operator, LLC, based in Indiana, reported a breach on November 18, 2024, affecting 2,808 individuals. This hacking/IT incident involved electronic medical records and the network server, exposing personal and medical data.
Enso Counseling Group, PLLC data breach
Enso Counseling Group, a healthcare provider in New Hampshire, experienced a data breach on November 20, 2024. The breach, involving email, affected 850 individuals. The incident was due to unauthorized access to sensitive data.
Laboratory Services Cooperative data breach
Laboratory Services Cooperative, a healthcare provider in Washington, reported a breach on November 20, 2024, affecting 501 individuals. This breach was caused by a hacking/IT incident that involved the network server, exposing health-related information.
York County data breach
York County, a healthcare provider in Pennsylvania, reported a data breach on November 20, 2024. The breach, impacting 501 individuals, resulted from a hacking/IT incident involving email, which led to unauthorized access to personal health information.
Pinnacle Claims Management data breach
Pinnacle Claims Management, a business associate in California, reported a data breach on November 21, 2024, affecting 1,119 individuals. The breach was caused by a hacking/IT incident involving a network server, potentially exposing sensitive patient information.
Lubbock County Hospital District data breach
Lubbock County Hospital District in Texas experienced a data breach on November 22, 2024, affecting 501 individuals. The breach, classified as a hacking/IT incident, was related to unauthorized access of the network server, exposing sensitive health data.
East Paris Internal Medicine Associates, PC data breach
On November 22, 2024, East Paris Internal Medicine Associates, PC, a healthcare provider located in Michigan, reported a data breach addicting 5,239 individuals. The breach, classified as “Unauthorized Access/Disclosure” occurred due to email-related issues, although specific details regarding the unauthorized access were not disclosed.
Vann Virginia Center for Orthopaedics, PC dba Atlantic Orthopaedic Specialists data breach
Vann Virginia Center for Orthopaedics, also known as Atlantic Orthopaedic Specialists in Virginia, reported a data breach on November 22, 2024. This breach, caused by a hacking/IT incident involving email, affected 15,264 individuals. They confirmed that sensitive patient information, including Social Security numbers, may have been exposed.
FAQs
Is encryption mandatory for healthcare data under HIPAA?
Encryption is strongly recommended by HIPAA to protect sensitive patient data, particularly when stored or transmitted electronically.
What is the most common cause of data breaches in healthcare?
Phishing attacks are among the most common causes, where employees are tricked into providing credentials or sensitive information, leading to unauthorized access.
What should healthcare organizations do immediately after discovering a breach?
They should secure systems, contain the breach, notify affected individuals and relevant authorities, and investigate the extent of the breach to prevent further damage.
Liyanda Tembani
