Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: TUCC notifies OCR of data breach

The Urology Center of Colorado ('TUCC') notified, on 5 November 2021, the U.S. Department of Health and Human Services' ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 137,820 individuals. In particular, TUCC outlined that their investigation determined that an individual accessed their network for a brief period of time between 7 September and 8 September 2021. In addition, TUCC noted that although they have no evidence to suggest actual or attempted misuse of information as a result of this incident, they are notifying individuals with information contained within the network. Moreover, TUCC highlighted that the type of information varies by individual, but includes name and one or more of the following data elements: date of birth, social security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment cost, and/or guarantor name.

Furthermore, TUCC noted that upon discovering this incident, they reset account passwords and implemented additional security measures to further protect information. Lastly, TUCC highlighted that they are also providing potentially impacted individuals with access to credit monitoring and identity protection services as an added precaution.

You can read TUCC's notice here and access the OCR breach notification here