Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: Optima Dermatology Holdings notifies OCR of data security incident

Optima Dermatology Holdings LLC notified, on 18 April 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 59,872 individuals. In particular, Optima Dermatology Holdings stated that between 30 August 2021 and 2 September 2021 an employee email account had been accessed by an unauthorised party, and immediately upon learning of the security incident, it proceeded to secure the email account in question and launched an investigation.

In light of the investigation, Optima Dermatology Holdings noted that an unauthorised actor had accessed and potentially obtained the following information: full names, dates of birth, medical treatment and/or conditions information, health insurance claims and/or application information, health insurance policy and/or subscriber numbers, and medical record numbers.

Lastly, Optima Dermatology Holdings noted that after the discovery of the incident it notified individuals whose information was involved and provided them with best practices for protecting their information. In addition, Optima Dermatology Holdings stated it has implemented additional security measures to protect data and established a dedicated toll-free response line for customers who have questions or want to determine whether they have been impacted by the security incident.

You can read the notice here and access details on the OCR portal here.