Recent cybersecurity incidents have emerged in various healthcare institutions, unveiling insider threats and unauthorized access. Eastern Idaho Public Health, Pacific Pulmonary Medical Group, and Ingham County Medical Care Facility have reported breaches, raising concerns about data security and privacy.

Eastern Idaho Public Health Breach

Eastern Idaho Public Health has notified certain patients of an unauthorized access incident involving one of its former employees. - A review of the employee's access logs and staff interviews revealed unauthorized viewing of medical records, including patient clinic notes, health screening information, patient histories, assessments, orders, and test results. - No evidence suggests that the records were copied or misused maliciously. - The involved employee was terminated, and staff received reinforced training on HIPAA guidelines. The breach is yet to appear on the Office for Civil Rights breach portal, leaving the number of impacted patients unclear.

Pacific Pulmonary Medical Group Unauthorized Access

Pacific Pulmonary Medical Group (PPMG), based in Riverside, CA, has identified a security breach involving compromised credentials. - An unauthorized individual accessed the group's scheduling software using an employee's compromised login details between October 21 and October 22, 2024. - The California Attorney General has been informed, though specifics of the data involved were not detailed in the breach notice. - Affected individuals are being notified, with offers of complimentary credit monitoring services provided.

Ingham County Medical Care Facility Data Compromise

Ingham County Medical Care Facility, operating as Dobie Road, has confirmed a breach affecting the protected health information of 3,078 patients. - The incident occurred at a third-party electronic health records portal manager around September 19, 2024. - Personal data such as names, addresses, and Social Security numbers may have been exposed. - Notification letters have been dispatched to the impacted individuals as of December 27, 2024.

These incidents underscore the ongoing challenges healthcare institutions face in safeguarding sensitive information. Continuous vigilance and strengthening of security protocols remain crucial to protecting patient data and privacy.

The link has been copied!