Several employee email accounts of Ohio Business Associate MNS were hacked in 2019. Ohio-based Management and Network Services (MNS) recently began notifying 30,132 patients that their data was potentially compromised after several employee email accounts were hacked between April and July 2019. MNS first began notifying its clients of the breach on March 5, 2020, more than six months after the incident was first discovered. It’s important to note that under HIPAA, all breaches impacting more than 500 patients must be reported within 60 days of discovery.

Mille Lacs Health System Reports 2019 Phishing Attack. About 10,000 Mille Lacs Health System patients are being notified that their data was potentially breached after several employees fell victim to a targeted phishing campaign in 2019. The investigation confirmed the accounts contained patient health information, which the hacker potentially accessed.

PsyGenics Reports Data Breach After Email Incident. PsyGenics in Michigan is notifying an undisclosed number of patients that their data was potentially breached after an employee email incident. On March 25, 2020, officials said they discovered an employee forwarded PsyGenics information with an attached Excel spreadsheet to their personal email account without authorization. The spreadsheet contained patient information that included names, diagnosis codes, appointment times, and provider names.

HHS/OCR HIPAA Wall of Shame

Security and compliance are first and foremost in the management of our clients' systems. After conducting thousands of SRAs, common vulnerabilities began to emerge. We launched HIPAA Tip Tuesday to make clients aware of what actions they can take to address these vulnerabilities.

Have a great week!

 

Dawn Meglino
HIPAA Compliance Office
StratX IT Solutions
dmeglino@stratxit.com
(914) 683-0005 Ext. 2108 - Work | (914) 646-2974 - Mobile