More than 10 U.S. health care systems were breached during a cyberattack of Seattle-based MCG Health, affecting up to 1.1 million patients, HIPAA Journal reports. MCG Health, a subsidiary of Hearst Health, is facing multiple class-action lawsuits as a result of the breach, during which an “unauthorized third party” obtained patient files that included names, Social Security numbers, medical codes, mailing addresses, telephone numbers and email addresses. The lawsuits allege MCG Health acted negligently by failing to recognize the breach for at least two weeks.
29 June 2022
MCG Health breach exposed personal data of more than 1M patients
Related stories
Notes from the IAPP Canada: The question of data sovereignty
A view from DC: From murder to movement in Minnesota and beyond
US Senate subcommittee explores 'core principles' for federal privacy framework
Notes from the Asia-Pacific region: China unveils global AI initiatives
Notes from the IAPP Europe: New Council presidency, challenges to Commission leadership and key digital developments
