Several more providers of anesthesia services have confirmed they have been affected by a data breach at their management services organization (MSO). Last month, HIPAA Journal reported that 13 providers of anesthesia services to hospitals had been affected by the breach. At least five more healthcare providers are now known to have been affected. The latest announcements bring the breach total up to 410,842 records.
- Somnia Pain Mgt of Kentucky – 10,849 individuals
- Resource Anesthesiology Associates of KY PSC – 8,995
- Saddlebrook Anesthesia Services PC – 8,861 individuals
- Somnia, Inc. – 1,326 individuals
- Mid-Westchester Anesthesia Services – 707 individuals
The breach was detected by the MSO on July 11, 2022, with the forensic investigation determining information stored on its systems had been compromised. The affected companies were notified about the breach on September 22, 2022.
The breach involved names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information.
Massengale Eye Care Affected by Eye Care Leaders’ Data Breach
Massengale Eye Care in Moore, OK, has recently announced that the protected health information of up to 15,000 patients has been compromised in a data breach at its EHR vendor, Eye Care Leaders. Massengale Eye Care said it has used the myCare Integrity electronic health records platform since 2017. On or around December 4, 2021, unauthorized individuals gained access to the platform and potentially obtained patient information.
Eye Care Leaders said it is unaware of any misuse of patient data, and no specific evidence was found to indicate the records of Massengale Eye Care patients were viewed or obtained. Since unauthorized access to protected health information could not be ruled out, notifications have been sent to affected individuals. The information potentially accessed includes names, addresses, dates of birth, Social Security numbers, diagnostic information, and health insurance information. Massengale Eye Care confirmed that the breach was confined to the Eye Care Leaders platform.
41 eye care providers are now known to have been affected and the records of at least 3,649,470 patients have been exposed.
Telehealth Vendor Announces 3-Year Data Breach
Miramar, FL-based telehealth provider, MDLIVE Medical Group, has recently announced that the protected health information of 7,439 individuals has been impermissibly disclosed as a result of a third-party analytics tool on its website. MDLIVE Medical Group did not confirm which analytics tool was involved, but similar breaches have been reported by other healthcare providers recently that involved the Meta Pixel tool, which is used for a similar purpose.
MDLIVE Medical Group said the tool was used to better understand how patients interacted on its website and patient portal, in order to make improvements to the portal to improve the quality of care provided to patients. The tool was first added to the website in June 2019 but was accidentally configured to monitor activity on the patient login page of its portal. The tool was removed in August 2022. The data disclosed to the provider of the tool included usernames, passwords, and dates of birth only. There is no indication that the information has been viewed or misused.
The post Anesthesia, Eye Care, and Telehealth Providers Announce Third-Party Data Breaches appeared first on HIPAA Journal.