Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: Heidell, Pittoni, Murphy & Bach notifies OCR of data security incident

Heidell, Pittoni, Murphy & Bach, LLP ('HPM&B') notified, on 16 May 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 114,979 individuals. In particular, HPM&B stated that, on 25 December 2021, it had detected suspicious activity within its network environment, and following an investigation, found that there had been an unauthorised access to certain information of the firm. More specifically, HPM&B noted that the potentially affected information included names, dates of birth, social security numbers, and certain medical treatment information.

In response to the incident, HPM&B highlighted that it had, among other things, updated its policies and procedures relating system security and their information lifecycle management. 

You can read the notice here and access details on the OCR portal here.