Data Breaches At Houston Area Community Services, NYU Langone Health And County Of Kings In California

Houston Area Community Services, Nyu Langone Health and County Of Kings In California reported data breaches lately.

Avenue 360 Health and Wellness Reports Worker Email Accounts Breach

Houston Area Community Services, Inc., also known as Avenue 360 Health and Wellness, found out an unauthorized person has obtained access to the email accounts of several workers and might have viewed or acquired the protected health information (PHI) of 12,186 people.

Avenue 360 Health and Wellness stated its investigation established the email accounts had been compromised from January 15, 2021 to April 2, 2021. A third-party supplier with a specialty in the examination of security occurrences like this was involved to help with the breach investigation.

The provider performed a detailed analysis of all email messages and attachments found in the account. On November 9, 2021, Avenue 360 learned that the account comprised names, medical insurance details, medical record numbers, dates of birth, diagnoses, clinical and treatment data, and prescription data. The Social Security numbers and/or financial data of certain people were additionally exposed.

Avenue 360 didn’t get any reports of attempted or actual improper use of patient information due to the email security breach. Impacted persons began getting notification letters on January 5, 2022, and free credit monitoring services were provided to persons whose Social Security number was compromised. Because of the breach, email security had been made better using anti-spam systems and multi-factor authentication.

Web Server Misconfiguration Resulted in the Compromise of COVID-19 Information of 16,590 Persons

County of Kings, which is a political subdivision of the State of California, has uncovered the misconfiguration of a public web server, which led to the compromise of information with regards to COVID-19 cases.

The California Department of Public Health and County healthcare providers furnished the records to County’s Public Health Department. The records contained names, addresses, birth dates, and COVID-19 related details. The misconfiguration was noticed on November 24, 2021, and the problem was totally resolved on December 6, 2021. The investigation showed that the error took place on February 15, 2021.

County of Kings officers reported they cannot exclude unauthorized access of the data in that period of 10 months, however, there is no evidence that any of the breached data was or will be wrongly used.

The mailing of notification letters to the 16,590 persons whose sensitive details were exposed started on January 21, 2022. The County thinks that the limited nature of the compromised information suggests people are not in danger and don’t have to take any more actions. The County mentioned it is doing something to make certain COVID-19 data is better safeguarded later on.

NYU Langone Health Alerts 1,123 Patient Concerning Mismailing Occurrence

NYU Langone Health has begun informing 1,123 patients concerning a vendor mailing error. On or approximately November 12, 2021, NYU Langone advised patients regarding an intended relocation of an oncology doctor, who was located in Lake Success, NY.

A third-party vendor was utilized to mail the notification letters and changed the format of the addresses which led to a misprint of patient names and addresses on the envelopes. Consequently, the letters were mailed to the wrong recipients. The letters wrote “Dear Patient,” and there was no PHI included.

NYU Langone has obtained guarantees from its vendor that guidelines, procedures, and procedures were assessed and updated to stop the same misdirected mailings down the road.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone