Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: YRMC notifies OCR of data security incident

Yuma Regional Medical Center ('YRMC') notified, on 9 June 2022, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 737,448 individuals. In particular, YRMS stated that, on 25 April 2022, it had identified a ransomware incident affecting some of its internal systems. In addition, YRMC noted that, upon detecting the incident, it took immediate action and took its systems offline, communicated with law enforcement, and initiated an investigation with the help of a third-party forensic firm. Moreover, YRMC stated that the investigation determined that an unauthorised person gained access to its network between 21 April 2022 and 25 April 2022, and removed a subset of files from our systems which contained certain patient information, including names, social security numbers, health insurance information, and limited patient medical information. Furthermore, YRMC highlighted that, after the incident, it strengthened the security of its systems and will continue enhancing its protocols to safeguard the information in its care to avoid the occurrence of similar incidents in the future.

You can read the notice here and access details on the OCR portal here.