Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
USA: Henderson & Walton Women's Center notifies OCR of data security incident
Henderson & Walton Women's Center ('HWWC'), P.C. notified, on 23 August 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 34,306 individuals. In particular, HWWC stated that it had suffered a cyber attack and an unauthorised third party had gained access to the email account of one of its employees. In light of the investigation carried out, HWWC explained that the data breach confirmed that the attacker had not gained access to the email server and that the breach was confined to the email account of one employee, whilst further noting that the incident may have resulted in unauthorised access to patients' personal information, which included names, dates of birth, social security numbers, medical information, health insurance information, driver's licence numbers, and state ID numbers.
Lastly, HWWC stated that, after the discovery of the incident, it had notified individuals whose information was involved, and that it had implemented additional security measures to protect and monitor its systems.
You can read the notice here and access details on the OCR portal here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
