Numerous privacy incidents at hospitals, IT suppliers and other healthcare organizations captured public attention last month.
While some security incidents only affected a few thousand individuals, others were said to have affected more than 2.2 million.
A database that held personal information for MedicareSupplement.com was left vulnerable to hackers, which may have compromised 239,000 patients.
An April ransomware attack on Evansville, Ind.-based Talley Medical Surgical Eyecare Associates’ network server and EHR system may have compromised 106,000 patient records.
Austin Pathology Associates has notified 46,500 patients about a data breach at one of its billing and collections vendors American Medical Collection Agency.
An unauthorized third party gained access to an employee’s email account at a New York ACO that had a spreadsheet of information for around 25,000 patients.
Placerville, Calif.-based Shingle Springs Health and Wellness Center discovered that its server infrastructure was infected with ransomware on April 7, which may have compromised the protected health information of 21,513 patients.
Louisville, Ky.-based Park DuValle Community Health Center paid hackers around $70,000 to unlock around 20,000 patient medical records.
Northwood, a Michigan HIPAA business associate, has notified more than 15,000 patients that a hacker had gained access to an employee’s email account and potentially viewed their protected health information.
An employee of Los Angeles County Department of Health Services contractor Nemadji Research Corp. became a victim to a phishing attack in March that exposed 14,591 L.A. County patients’ personal information.
Cancer Treatment Centers of America discovered on June 6 that an employee’s email account at its Philadelphia-based Eastern Regional Medical Center was compromised in a phishing attack, putting 3,900 patients at risk.