HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Tidelands Health Recovering from Malware Attack

Tidelands Health in Georgetown, SC, is working round the clock to restore its computer systems after the discovery of malware on its network on December 12, 2019. The attack has forced the healthcare provider to shut down parts of its network and implement emergency protocols. Staff have been using paper records for patients while the malware is removed and systems are restored and brought back online.

Patients are being seen and quality care is still being provided, although a limited number of non-emergency appointment have had to be rescheduled, according to Tidelands Health spokesperson, Dawn Bryant.

The type of malware involved has not been disclosed, although Tidelands Health has said no data was lost and patient information was not compromised.

Third-party cybersecurity experts have been engaged to investigate the attack, remove the malware, and restore its systems. That is a time-consuming, methodical process as the stability and integrity of every system must be thoroughly assessed before it is possible to bring each back online.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Stolen Children’s Hope Alliance Laptop Computer Contained the PHI of 4,564 Patients

Barium Springs, NC-based healthcare provider, Children’s Hope Alliance, is notifying 4,564 patients that some of their protected health information has been exposed. The data was stored on an employee’s laptop computer which was stolen on October 7, 2019.

Third-party computer forensics investigators have been engaged to determine what information was stored on the laptop. The investigation is ongoing, but the preliminary findings indicate documents on the device contained names, addresses, Social Security numbers, tax ID numbers, dates of birth, medication and dosage information, and usernames and passwords.

Notifications will be sent to affected individuals when the investigation has been completed. At this stage, no evidence has been found to indicate any patient information has been accessed by unauthorized individuals and no reports of misuse of patient information have been received.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.