Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: FPS Medical Center notifies OCR of data security incident

FPS Medical Center notified, on 2 May 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting  28,024 individuals. In particular, FPS Medical Center stated that it had first identified the incident on 3 March 2022, and that it had immediately proceeded to launch an investigation to determine the scope of the event.

In light of the investigation, FPS Medical Center explained that its systems had become encrypted with malware and, as such, had been accessible to an unknown actor between 28 February 2022 and 3 March 2022. Additionally, FPS Medical Center noted that, although there is no indication that any information was misused as a result of this incident, patient information present in the impacted systems during the event included: full names, addresses, dates of birth, driver's licences, medical information, health insurance information, and social security numbers.

Lastly, FPS Medical Center noted that, upon discovery of the incident, it had immediately taken steps to restore its operations, to secure its systems, and to review its policies and procedures to further reduce the risk of recurrence. In addition, FPS Medical Center stated that it had established a dedicated toll-free assistance line to answer questions relating to this incident.

You can read the notice here and access details on the OCR portal here.