Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: ARcare notifies OCR of data security incident

ARcare notified, on 25 April 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 345,353 individuals. In particular, ARcare stated, on 24 February 2022, that it experienced a data security incident that impacted its computer systems. As such, ARcare stated that it immediately took steps to secure its systems and commenced an investigation to confirm the nature and scope of the incident which determined that an unauthorised actor may have accessed and/or acquired some sensitive data between 18 January 2022 and 24 February 2022. Specifically, ARcare highlighted that the affected information that may have been impacted includes names, social security numbers, drivers license or state identification numbers, dates of birth, financial account information, and medical treatment information. In addition, ARcare stated that it is reviewing and updating its existing policies and procedures relating to data protection and security and investigating additional security measures to mitigate any risk associated with the incident to better prevent future similar incidents.

You can read the press release here and access details on the OCR portal here.