Dental Care Alliance Data Breach Impacts More Than 1 Million Patients
Sarasota, FL-based Dental Care Alliance, LLC, a dental support organization with more than 320 affiliated dental practices across 20 states, has been hacked and the protected health information of more than a million individuals has potentially been compromised. The breach occurred on September 18, 2020, was detected on October 11, and was contained on October 13. A breach notification submitted to the Maine Attorney General’s office indicates some patient information was acquired by the hackers, such as patient names in combination with financial account numbers, although Dental Care Alliance said only around 10% of the affected individuals had their financial account number exposed. For the majority of individuals affected by the breach, the information potentially compromised was limited to names, addresses, diagnoses, treatment information, patient account numbers, billing information, dentists’ names, and health insurance information. Dental Care Alliance said it acted quickly when the breach was discovered to secure its systems to prevent any further unauthorized...
Six More Healthcare Providers Impacted by Ransomware Attacks
GBMC HealthCare in Maryland, Golden Gate Regional Center in California, and Dyras Dental in Michigan have recently suffered ransomware attacks and Allegheny Health Network, AMITA Health, and Bayhealth have announced they have been affected by the ransomware attack on Blackbaud Inc. GBMC HealthCare Towson, MD-based GBMC HealthCare has announced it suffered a ransomware attack on December 6, 2020 that forced its computer systems offline and the healthcare provider is now operating under EHR downtime procedures while the attack is mitigated. GBMC HealthCare had planned for such an attack and had processes in place to ensure care could continue to be provided to patients while keeping disruption to a minimum. Safe and effective care continues to be provided to patients and its emergency department did not stop receiving patients; however, some elective procedures scheduled for Monday 7, December were postponed. Efforts are underway to bring systems back online and restore the encrypted data and law enforcement has been notified and is investigating the attack. The Egregor ransomware...
Critical Vulnerabilities Identified in More Than 100 GE Healthcare Imaging and Ultrasound Products
Two critical severity vulnerabilities have been identified in GE Healthcare medical imaging devices that allow remote code execution and access/alteration of sensitive patient data. The vulnerabilities affect GE Healthcare’s proprietary management software and impact more than 100 GE Healthcare imaging devices including MRI, Ultrasound, Advanced Visualization, Interventional, X-Ray, Mammography, Computed Tomography, Nuclear Medicine and PET/CT devices. Affected GE Healthcare Products Device Product Families MRI Brivo, Optima, Signa Ultrasound EchoPAC, Image Vault, LOGIQ, Vivid, Voluson Advanced Visualization AW Interventional Innova, Optima X-Ray AMX, Brivo, Definium, Discovery, Optima, Precision Mammography Seno, Senographe Pristina Computed Tomography BrightSpeed, Brivo, Discovery, Frontier LightSpeed, Optima, Revolution Nuclear Medicine, PET/CT Brivo, Discovery, Infinia Optima, PET Discovery, PETtrace, Ventri, Xeleris The vulnerabilities were identified by Lior Bar Yosef and Elad Luz of CyberMDX who reported them to GE Healthcare in May 2020. CyberMDX has dubbed the flaws...
Webinar: How HIPAA-Compliant Messaging Transforms Healthcare
Data show 70% of delays in providing treatment to patients is due to miscommunication, so resolving the problems that result in miscommunication in healthcare is key to improving quality of care, clinical outcomes, and the patient experience. One of the biggest contributory factors to miscommunication is the use of outdated communications systems, which has long been a problem in healthcare. Fortunately, there is a solution that has been shown to greatly improve communication efficiency and reduce the potential for errors and miscommunication – a secure texting platform. To find out more about secure, HIPAA-compliant messaging and how it can make care teams immediately more efficient and effective, we invite you to join this upcoming webinar. During the webinar you will discover how this single change can lead to major improvements in collaboration, save valuable time, decrease costs, and lead to happier staff and patients. The webinar is being hosted by TigerConnect, the leading secure healthcare messaging provider, and will take place on Wednesday, December 9 at 10 a.m. PT / 1...
Insider Data Breaches Reported by Montefiore Medical Center and Mercy Health
Insider data breaches have been reported by Montefiore Medical Center and Mercy Health. Both incidents involved an employee accessing patient information when there was no legitimate work-related reason for doing so. Former Montefiore Medical Center Employee Accessed Patient Data for Billing Scam Montefiore Medical Center in New York City has discovered a former employee accessed patient information as part of a billing scam. Patient names, medical record numbers, and surgery dates were viewed and used to create invoices for unused surgical products, in connection with a vendor. Montefiore Medical Center discovered the fraud after the invoices had been paid and launched an investigation that revealed the former employee had accessed the information of approximately 4,000 patients without authorization between January 2018 and July 2020. Medical records, Social Security numbers, and financial information were not accessed, and the investigation has not uncovered any evidence to suggest patients or their insurance companies were defrauded. The fraud has been reported to law...



