"KMJ Health Solutions, a Michigan-based provider of online signout and charge capture systems, has reported a breach of the protected health information of 2,191 individuals. On November 19, 2023, KMJ Health Solutions identified unauthorized access to the server that hosts its eDocList system. The attacker used ransomware to encrypt files and may have obtained the data of some of its clients. The threat actor first gained access to the server on July 1, 2023. KMJ Health Solutions notified the affected clients on or around January 11, 2024.
One of the affected clients was Saint Joseph’s Medical Center in New York. The information potentially compromised included names, dates of birth, medical record numbers, diagnoses, laboratory results, dates of service, provider names, medications, and/or treatment information. Saint Joseph’s sent notifications to the affected individuals on March 4, 2024, and has confirmed that it no longer uses KNJ Health Solutions. When business associates experience data breaches, notifications may be issued by the business associate, their covered entity clients, or a combination of the two. It is therefore unclear at this stage how many individuals in total have been affected."
swidup
commented
7 months ago
https://www.hipaajournal.com/humana-reports-mailing-errors-affecting-more-than-10000-members/
"KMJ Health Solutions, a Michigan-based provider of online signout and charge capture systems, has reported a breach of the protected health information of 2,191 individuals. On November 19, 2023, KMJ Health Solutions identified unauthorized access to the server that hosts its eDocList system. The attacker used ransomware to encrypt files and may have obtained the data of some of its clients. The threat actor first gained access to the server on July 1, 2023. KMJ Health Solutions notified the affected clients on or around January 11, 2024.
One of the affected clients was Saint Joseph’s Medical Center in New York. The information potentially compromised included names, dates of birth, medical record numbers, diagnoses, laboratory results, dates of service, provider names, medications, and/or treatment information. Saint Joseph’s sent notifications to the affected individuals on March 4, 2024, and has confirmed that it no longer uses KNJ Health Solutions. When business associates experience data breaches, notifications may be issued by the business associate, their covered entity clients, or a combination of the two. It is therefore unclear at this stage how many individuals in total have been affected."