Business Associate Data Breaches Affect Florida Healthcare Providers
PhyNet Dermatology, a business associate of Premier Dermatology Partners, has identified unauthorized access to an email account containing patient information. Baptist Health South Florida has recently confirmed that it was affected by a breach at Oracle Health (Cerner).
PhyNet Dermatology – Premier Dermatology Partners
PhyNet Dermatology, a provider of managed administrative services to dermatology practices, has announced a breach that has affected one of its affiliates, Boca Raton, FL-based Total Vein & Skin, LLC, which does business as Premier Dermatology Partners.
Suspicious activity was identified in an employee’s email account on November 7, 2024. Immediate action was taken to secure the account, and an investigation was launched to determine the nature and scope of the activity. The investigation determined that the breach was more extensive, and further employee email accounts had also been compromised.
The review was completed on June 6, 2025, and confirmed that Premier Dermatiology Partners’ data was present in the compromised accounts. The types of information involved vary from individual to individual and may include names in addition to one or more of the following: address, Social Security number, financial account information, date of birth, medical history information, treatment information, diagnosis information, treating physician, medical record number, and health insurance information.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
PhyNet Dermatology has reviewed its policies and procedures and enhanced certain administrative and technical controls. Additional security awareness training has also been provided to the workforce to reduce the risk of similar incidents in the future.
Baptist Health South Florida
Baptist Health South Florida has recently confirmed that it has been affected by the Oracle Health hacking incident, which involved unauthorized access to legacy Cerner servers that were awaiting migration to Oracle Cloud. No Baptist Health South Florida systems were compromised.
Data compromised in the incident includes names, Social Security numbers, medical record numbers, physician names, diagnoses, medical images, test results, and treatment information. Many of the healthcare providers affected by the Oracle Health incident issued notifications shortly after being notified about the January 22, 2025, hacking incident.
Baptist Health South Florida said its notifications were delayed at the request of law enforcement while the incident was investigated. The affected individuals are now being notified by mail and have been offered complimentary credit monitoring and identity theft protection services. Baptist Health South Florida has not publicly disclosed the number of individuals affected, and the breach is not currently listed on the HHS’ Office for Civil Rights breach portal.
