Here are the 16 latest healthcare data breaches or security incidents that occurred or were reported within the past four weeks, beginning with the most recent.
1. Keck Medicine in Los Angeles, part of University of Southern California, reported two servers were hit with ransomware in August, encrypting files and making them inaccessible to employees. The hospitals did not pay any ransom. Read more
2. Codman Square Health Center in Dorchester, Mass., reported a breach due to unauthorized access to a regional health information exchange that contained some of its patients' information. The breach affects 3,840 patients. Read more
3. The Russian hackers who accessed the World Anti-Doping Agency's database of Olympians' medical records leaked more documents, this time involving Spanish tennis player Rafael Nadal, British runner Mo Farah, and American gymnast Laurie Hernandez, among others. Read more
4. Tulsa, Okla.-based Saint Francis Health System is opting not to pay a ransom demand to protect information of 6,000 patients obtained by a hacker, because paying doesn't guarantee the data won't be disclosed. Read more
5. Danville, Pa.-based Geisinger Health Plan notified members of a data breach after a processing error resulted in invoices being mailed to incorrect recipients. The breach involved about 2,800 patients. Read more
6. Burrell Behavioral Health in Springfield, Mo., notified 7,748 patients of a potential data breach after an unauthorized party gained access to an employee's email account. Read more
7. Medford, Ore.-based Asante, a health system serving southern Oregon and Northern California, notified patients of a data breach after an employee was discovered to be inappropriately accessing patient records. Read more
8. Authorities are investigating the possible theft of a binder containing the names and dates of birth of more than 700 patients who received CT scans since May 2012 at Oberlin, Kansas-based Decatur Health Systems. Read more
9. CHI Franciscan Health Highline Medical Center in Burien, Wash., notified patients of a potential data breach after a vendor working on behalf of the medical center inadvertently left patient information accessible via the internet. The incident affected 18,399 individuals. Read more
10. Kansas City, Mo.-based Children's Mercy Hospital reported a data breach affecting 238 patients after paper records were stolen from an employee's vehicle. Read more
11. Medical College of Wisconsin in Milwaukee notified patients of a security incident after an unauthorized third party accessed an employee's email account. The breach affects 3,200 patients. Read more
12. Los Angeles County + USC Medical Center notified more than 700 patients of a potential data breach after appointment lists containing protected health information were stolen from an employee's car. Read more
13. Planned Parenthood of Greater Washington and North Idaho is notifying patients of a potential data breach after emails regarding a new patient portal were sent to the wrong email addresses, affecting 10,700 patients. Read more
14. Lexington, Ky.-based Appalachian Regional Healthcare hospitals in Kentucky and West Virginia were operating under an emergency operations plan after being struck with ransomware and pulling networks offline. The system was back online three weeks later. Read more
15. SCAN Health Plan in Long Beach, Calif., notified patients of a potential data breach after contact sheets containing protected health information were accessed by an outside party. Read more
16. Orleans (Ind.) Medical Clinic notified patients that hackers accessed one of its computer servers containing EHR data after it was left unsecured after an upgrade. The incident compromised all 7,000 patients' information. Read more
More articles on health IT:
Boston Children's 2014 hacker explains why he did it
Banner Health algorithm unintentionally forecasts which patients are most likely to die
These tech jobs among those receiving highest pay raises in 2017