Data breaches reported by Georgia Physicians Spine and Rehabilitation Specialists and One Medical Inc.
Physicians Spine and Rehabilitation Specialists of Georgia (PSRSG) notified 38,765 patients that some of their protected health information was potentially compromised in a cyberattack that occurred on or about July 11, 2022. A team external cybersecurity experts were engaged to assist with investigation and remediation efforts, and its systems were successfully restored within days without causing significant delays to clinical care.
The PSRSG said many security measures were implemented before the attack, but the attackers were able to circumvent these defenses. Steps have since been taken to tighten security to prevent similar violations in the future. The forensic investigation confirmed that the attacker had access to his systems for about a week before the intrusion was detected and blocked.
It could not be determined which files were accessed or if sensitive information was stolen in the attack, but the attacker claimed to have stolen sensitive data from his systems and threatened to make this information public . A review of files on the compromised systems confirmed that they contained protected health information, including names, birth dates, contact information, social security numbers, driver’s license numbers, treatment, guarantor information and insurance information. The types of data in the files varied from person to person. The PSRSG said those affected were notified and offered free credit monitoring and identity theft insurance through Experian, “solely to give patients peace of mind.” .
One Medical, Inc. Confirms Hacking Incident and Potential Data Breach
Sherman, Texas-based healthcare provider One Medical Inc. recently confirmed that it was the victim of a cyberattack in which names, addresses, medical information and social security numbers were potentially compromised. The data breach was reported to the Texas Attorney General on September 9, 2022 as a hacking incident. Limited information is currently available, but the breach appears to have affected at least 964 Texas residents.
3 Steps to HIPAA Compliance
Please check the HIPAA log
- Step 1: Download the checklist.
- Step 2: Review your business.
- Step 3: Get in compliance!
The HIPAA Journal Compliance Checklist provides the top priorities for your organization to become fully HIPAA compliant.
This is the second data breach to affect the company in the past year. In July 2021, One Medical reported an email error in which the PHIs of 1,009 people were unauthorized disclosed.