Aultman Health Foundation Notifying Patients of Insider-Wrongdoing The ohio foundation is notifying approximately 7,000 patients that a former employee accessed their records without concern need. HOYA Optical Labs of America Notifying Patients of Ransomware Incident As first reported by HealthITSecurity, the Japanese-headquartered firm notified 3,259 U.S. patients of a ransomware incident. The incident occurred in march and was discovered in April. To their credit, they informed those affected that the stolen data had been published by the terror actors. Implementing the HIPAA Security Rule: call for Comments Extended to July 9th The national institute of Standards and technology (NIST) has�extended the due date to July 9, 2021, for providing comments on NIST Special Publication (SP) 800-66 Revision 1,�An Introductory Resource run for Implementing the Health Insurance Portability and Accountability play (HIPAA) Security Rule�(Resource Guide). See the�call for comments�for more details and instructions for submitting comments. attention N upkeep Insurance fellowship of north Carolina, Inc. d/b/a HealthTeam reward (HealthTeam Advantage) Notifies Members of Beacon Health Solutions breach DataBreaches.net had first noted the Beacon Health Solutions breach in a November, 2020 report�after it appeared on REvil’s dedicated leak site in October. We later learned that beacon notified HHS on December 11, 2020, but their describe claimed 500 patients impacted, which seemed significantly less than what had been publicly dumped by terror actors. in April, BHS issued a press discharge that this site reported and criticized for claiming that they first discovered the breach on january 29. This week, aid N aid insurance company of northward Carolina, Inc. d/b/a HealthTeam Advantage (HealthTeam Advantage) disclosed that they were impacted by the breach. Their notice stated, in part, “Prior to the egress beingness discovered, certain member information may have been compromised.” “May have been?” lighthouse health Solutions doesn’t know for sure? two More Entities Disclose impact from Elekta breach Health Team Advantage wasn’t the only covered entity first disclosing this week that they had been impacted by a concern link transgress months ago. renown health disclosed that they had been impacted by the Elekta breach first mentioned on this site in April. The Swedish radiology software provider incident impacted a number of covered entities, and Renown health wasn’t the only entity to emerge a notification this month — cancer Centers of Southwest ok also issued a notification. twin Med LLC Notifies Employees of breach Sometimes it’s the employees and not the patients… twin Med LLC in California is notifying 366 employees of unauthorized access to some of their information in its systems between sep 28, 2020 and October 4, 2020. CaptureRx Notifies More Impacted Entities and Patients, Updates Numbers Again DataBreaches.net has continued to track reports stemming from a breach of NEC Networks LLC dba CaptureRx, a special pharmacy benefits provider. In May, CaptureRx had indicated that 1,919,938 people had been impacted. in an updated filng this week, however, they reported the number now stands at 2,420,141. Send in the Lawyers or Regulators Scripps Health faces quaternity class-action suits citing ransomware records breach ii such proceedings were filed in federal court on monday and have been added to the two cases already in say court books since early June. Everything makes essentially the same basic claim: Scripps failed to meet its obligations to protect patient information, exposing patients to potential fallouts from personal info theft to medical fraud. Colonial pipeline Sued for gas Crisis From Ransomware tone-beginning Colonial pipeline Co.�was sued by a gas station seeking to represent thousands more over the ransomware attempt in May that paralyzed the U.S. East Coasts stream of gasoline, diesel and squirt fuel. EZ Mart 1 LLC, a two-pump station in Wilmington, north Carolina, buys its fuel from a distributor supplied by Colonial, according to a complaint filed monday in federal courtroom in Georgia. sec investigating Companies handling of SolarWinds attempt The sec is seeking to determine whether public-company victims made appropriate disclosures to investors, if there was suspicious trading related to the cyberattack and whether private data was compromised.