Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
USA: Practicefirst notifies OCR of data breach
Professional Business Systems, Inc. doing business as Practicefirst Medical Management Solutions and PBS Medcode Corp. notified, on 1 July 2021, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 1,210,688 individuals. In particular, Practicefirst, which processes data for health care providers, noted that an unauthorised actor attempted to deploy ransomware to encrypt the company's systems and copied some files which included files that contain limited patient and employee personal information. Specifically, Practicefirst highlighted that the affected information included names, addresses, email addresses, date of births, driver's license numbers, social security numbers, patient identification numbers, medication informations, health insurance identifications, and employee usernames with passwords and security questions, among others.
Practicefirst outlined that it had implemented measures to further improve the security of systems and practices and had opened an assistance line for individuals seeking additional information.