Third-Party Data Breach

NY AG Fines NewYork-Presbyterian Hospital Over Tracking Tech Use

January 3, 2024 - New York Attorney General Letitia James fined the NewYork-Presbyterian Hospital (NYP) $300,000 over its use of tracking tech that resulted in private information being shared with third-party tech companies. NYP agreed to update its policies, implement enhanced privacy safeguards, and secure the deletion of protected health information (PHI), in...

Read More


More Articles

Third-Party Data Breaches Continue to Dominate Breach Notifications

by Jill McKeon

This week, Singing River Health System in Mississippi is actively facing system downtime as it investigates a cyberattack on its network. What’s more, Prospect Medical Holdings, which operates 16...

Vendor Data Breach Impacts 1.7M Oregon Health Plan Members

by Jill McKeon

Oregon Health Plan (OHP) notified 1.7 million members of a data breach that originated at one of its vendors, PH TECH, which offers a platform and administrative services for community health...

Imagine360 Suffers Third-Party Data Breach, 112K Impacted

by Sarai Rodriguez

Imagine360, a Pennsylvania-based provider of self-funded health plan solutions,  alerted over 112,000 individuals about a third-party data breach from January 2023, which occurred on its Citrix...

Health3PT Unveils First Actions to Address Third-Party Risk Management

by Sarai Rodriguez

The Health 3rd Party Trust (Health3PT) Initiative has unveiled its first deliverables to tackle third-party cyber risk management (TPRM) in healthcare, backed by a rapidly growing membership of...

3 Best Practices For Maturing Healthcare Third-Party Risk Management

by Jill McKeon

Third-party risk management (TPRM) remains a significant challenge for healthcare organizations of all sizes, as exemplified by the high volume of third-party data breaches reported to HHS in 2022. As healthcare organizations continue to...

Iowa Medicaid Suffers Third-Party Data Breach, 20K Impacted

by Jill McKeon

The Iowa Department of Health and Human Services announced that approximately 20,000 Medicaid members may have had their personal information compromised as a result of a third-party data breach. Iowa...

Vendor Data Breach Impacts At Least 9 Healthcare Organizations

by Jill McKeon

At least nine healthcare organizations recently reported a vendor data breach tied to Adelanto HealthCare Ventures (AHCV), a consulting company that specializes in Medicaid reimbursements. According...

82K Kroger Customers Impacted By Healthcare Data Breach

by Jill McKeon

Postal Prescription Services (PPS), part of Kroger, notified more than 82,000 Kroger customers of a data breach that stemmed from an internal error resulting in improper sharing of patient names and...

Hawaii Skilled Nursing Facility Notifies 20K of Healthcare Data Breach

by Sarai Rodriguez

Aloha Nursing Rehab Centre, a skilled nursing facility in Kaneohe, Hawaii, notified 20,016 patients of a recent healthcare data breach that occurred around early July 2022. On December 28, 2022, Aloha...

Revenue Cycle Management Company Reports Healthcare Data Breach Impacting 250K

by Jill McKeon

Revenue cycle management company Reventics recently notified 250,918 individuals of a healthcare data breach that impacted some patient information. Reventics detected a cyber intruder within its...

Third-Party Data Breach Corrupts Medical Records at NH Hospital

by Jill McKeon

Wentworth Health Partners Garrison Women’s Health (GWH) informed patients that a third-party data breach impacted its IT infrastructure in December 2022, making some patient information...

Tackling Third-Party Risk Management (TPRM) Challenges In Healthcare

by Jill McKeon

The majority of the top ten largest healthcare data breaches reported to HHS in 2022 stemmed from third-party vendors, signaling a need for better third-party risk management (TPRM) practices in the industry. However, healthcare...

Nearly 63K Impacted by Healthcare Data Breach from Exploited Web Server

by Sarai Rodriguez

San Diego-based Sharp HealthCare notified 62,777 patients of a healthcare data breach that may have exposed their personal health information. On January 12, 2023, Sharp HealthCare discovered...

Third-Party Data Breach Victims Double, Healthcare Most Targeted

by Sarai Rodriguez

While the number of total third-party breaches slightly dipped in 2022, the attacks impacted nearly twice as many victims, wreaking havoc on the healthcare industry more than any other sector, Black...

Rise in Third-Party Data Breaches Requires Updated Risk Management Approach

by Jill McKeon

The recent rise in third-party data breaches warrants a reevaluation of third- and fourth-party vendor relationships, new data from SecurityScorecard and the Cyentia Institute suggested. As previously...

IL Hospital Reaches $380K Settlement to Resolve Lawsuit Over Healthcare Data Breach

by Jill McKeon

Dixon, Illinois-based Katherine Shaw Bethea (KSB) Hospital reached a proposed settlement of $380,000 to resolve a class action lawsuit filed in the aftermath of a September 2021 healthcare data...

Specialty Care Clinic Reports Potential PHI Exposure Caused by Tracking Pixels

by Sarai Rodriguez

BayCare Clinic began notifying 134,000 patients of a data breach that potentially exposed protected health information (PHI) stemming from tracking pixels. The specialty care clinic explained that the...

How An Independent Practice Recovered From a Third-Party Ransomware Attack

by Jill McKeon

When Ed Bujold, MD, FAAFP, of Granite Falls Family Medical Care Center in North Carolina, found out in October 2021 that his practice had been impacted by a ransomware attack waged against its cloud vendor, he realized that he had three...

Consulate Healthcare Provides Notice of Third-Party Vendor Data Breach

by Jill McKeon

Consulate Healthcare, which operates 140 nursing homes across the United States, began notifying an undetermined number of individuals of a third-party vendor data breach. According to the notice on...

Recent Articles