Frank Eye Center, P.A. notified, on 29 April 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 26,333 individuals. In particular, Frank Eye Center stated that it uses Eye Care Leaders ('ECL') to store electronic patient medical records and related information, which notified, on 4 December 2021, a data security incident where an unknown third party accessed ECL's network.

In addition, Frank Eye Center stated that upon discovery of the incident, ECL contained the incident, notified law enforcement, conducted an investigation, and began restoring data from backups where available. More specifically, Frank Eye Center stated that, on 1 March 2022, ECL notified that the incident may have involved unauthorised access to protected health information or other personal information which included individual's names, addresses, telephone numbers, dates of birth, social security numbers, and medical treatment and diagnosis information.

As such, Frank Eye Center stated that in addition to notifying individuals whose information was impacted, it is issuing complimentary identity theft protection services, transitioning to a new service provider, and implementing additional security measures to lessen the occurrence of a similar incident.

You can read the press release here and access details on the OCR portal here.