HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Data Breaches Reported by Physicians’ Spine and Rehabilitation Specialists of Georgia and One Medical Inc.

The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information has potentially been compromised in a cyberattack that occurred on or around July 11, 2022. A team of external cybersecurity experts was engaged to assist with the investigation and remediation efforts, and its systems were successfully restored within a few days without causing any material delays to clinical care.

PSRSG said numerous security measures had been implemented prior to the attack, but the attackers were able to circumvent those defenses. Steps have since been taken to enhance security to prevent similar breaches in the future. The forensic investigation confirmed the attacker had access to its systems for around a week before the intrusion was detected and blocked.

It was not possible to determine which files were accessed or if any sensitive information was stolen in the attack, but the attacker claimed to have stolen sensitive data from its systems and threatened to release that information publicly. A review of the files on the compromised systems confirmed they contained protected health information, which included names, birth dates, contact information, Social Security numbers, driver’s license numbers, treatment information, guarantor information, and insurance information. The types of data in the files varied from individual to individual. PSRSG said affected individuals have been notified and offered free credit monitoring and identity theft insurance through Experian, “solely to give patients peace of mind.”

One Medical, Inc. Confirms Hacking Incident and Potential Data Breach

The Sherman, TX-based healthcare provider, One Medical Inc., has recently confirmed that it was the victim of a cyberattack in which names, addresses, medical information, and Social Security numbers were potentially compromised. The data breach was reported to the Attorney General of Texas on September 9, 2022, as a hacking incident. Limited information is currently available, but the breach appears to have affected at least 964 Texas residents.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

This is the second data breach to have hit the firm in the past year or so. In July 2021, One Medical reported an email error in which the PHI of 1,009 individuals was impermissibly disclosed.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.