Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: McLaren Health Care Corporation notifies OCR of data breach

McLaren Health Care Corporation notified, on 16 July 2021, the US Department of Health & Human Services' Office for Civil Rights ('OCR') of a data breach affecting 64,600 patients. In particular, McLaren outlined that they received notice of a security incident involving the network servers of its vendor, Elekta AB, the event occurred between 2 April 2021 and 20 April 2021. In addition, Mclaren noted that Elekta provided information specific to their patient information on 17 May 2021.

Moreover, McLaren outlined that the following types of patient information may have been involved in the incident full name, social security number, address, date of birth, height, weight, medical diagnosis, medical treatment details, appointment confirmations, and other information that McLaren may collect as a part of providing health care services. Furthermore, McLaren highlighted that no financial account, credit card, or debit card information was involved in this incident. Lastly, McLaren noted that based on the nature of the incident and its investigation, Elekta has no reason to believe that any of the data involved was or will be misused or will be made available publicly.

You can access details on the OCR notification here and read McLaren's notification here.