Beaumont Health, which is the biggest healthcare company in Michigan, began sending notifications to around 6,000 patients concerning the possible access of some of their protected health information (PHI) by unauthorized people.
On June 5, 2020, Beaumont Health discovered that unauthorized people got access to email accounts from January 3, 2020 to January 29, 2020. The email accounts were comprised of the PHI of patients such as birth dates, procedure and treatment details, type of treatment given, diagnoses, diagnosis codes, prescription data, medical record numbers, and patient account numbers.
Even though unauthorized people got access to the email accounts, there is no proof identified that indicate the attackers viewed or duplicated the emails or email attachments in the email accounts. There is likewise no report gotten that shows the misuse of patient information.
This is Beaumont Health’s second announcement of a phishing-related breach this 2020. Last April, Beaumont Health started sending notification 112,211 people regarding the breach of some of their PHI included in email accounts at the end of 2019.
Beaumont Health already took steps to better its internal processes to enable it to determine and minimize threats more quickly down the road. Extra safety measures were put in place to strengthen email security, such as using multi-factor authentication. Additional training on identifying and dealing with malicious emails was likewise offered to workers.
Inappropriate Disposal of Healthcare Records by Southcare Minute Clinic
The North Carolina Department of Health and Human Services is investigating the Southcare Minute Clinic located in Wilmington, NC regarding the inappropriate junking of healthcare records. The Wilmington Police Department reacted to a call informing them that sensitive paperwork and dangerous waste were discarded in a standard dumpster at the rear of the past Southcare Minute Clinic located at 1506 Market Street.
The dumpster was discovered to have documents with patient details, used needles, and other dangerous waste materials. The police affirmed that there was a violation of HIPAA rules, however, confirmed that there was no crime done. Since then, the dumpster was taken away and there is no more risk to community safety. The North Carolina Department of Health and Human Services is going to identify if it is right to issue a financial penalty.
Samaritan Medical Center Looking into Possible Data Breach
Samaritan Medical Center located in Watertown, NY reported a security occurrence that has compelled it to take down its computer networks. Employees have turned to use pen and paper while the incident is being resolved at the same time providing healthcare to patients. Patients were not moved to other centers, however, a number of non-urgent consultations were canceled. No more data about the specific nature of the breach is available at this time.