Ambry Genetics Corporation
Ambry Genetics Corporation, a subsidiary of Konica Minolta based in Aliso Viejo California, recently disclosed it computer systems were hacked and the perpetrators obtained over 230,000 customer records.
The hack may have disclosed customers’ names, medical information, information related to the use of Ambry’s services, and social security numbers.
Tandem Diabetes Care, Inc.
On March 16, 2020, Tandem Diabetes Care, Inc., a San Diego, CA based manufacturer of medical devices for diabetes patients, announced a breach of confidential personal and health information after hackers accessed the email accounts of multiple employees during a phishing attack in January 2020.
Tandem stated that “customer contact information, information related to the use of Tandem’s products or services, and/or clinical data regarding customer diabetes therapy” and the social security numbers of customers may have been compromised in some “very limited instances.”
Information provided by Tandem to the US Department of Health and Human Services indicates that the information for over 140,000 customers may have been compromised in this breach.
How do I know if my personal information was compromised in a data breach?
The law requires companies that store personal health information or other confidential information, to notify all potentially affected consumers of any data breach involving their personal or confidential information. Typically companies will send out letters to all potentially affected customers notifying them of the data breach.
How do data breaches occur?
One common attack used is a “phishing attack” which occurs when hackers send out emails, texts or instant messages that contain an attachment or a link to malware. When a recipient of the email opens the attachment or link within it, the malware is automatically downloaded onto the recipient’s computer and any email network the recipient is utilizing. This allows the hacker access to the company’s network and the data stored on it.
Hackers frequently attempt to disguise the email, text or instant message as coming from a trusted source so the recipient will open the “phishing” message. Phishing attacks are among the most common types of data breaches because of their relative simplicity.
Why are data breaches harmful?
Healthcare related companies are frequent hacking targets due to the value that healthcare related information possesses on the black market along with the fact the industry has been slower to invest in cyber security than other industries.
Data breaches of personal health information can result in significant costs to consumers. As a result, companies need to take cyber security seriously to prevent a data breach from happening in the first place, and not merely as a post-breach remedy.
What legal obligations do companies have to protect confidential information?
There are several federal and state laws enacted to help ensure that companies that store personal health information and other confidential information maintain that information securely.
These include the federal Health Insurance Portability and Accountability Act (“HIPAA”), the California Confidentiality of Medical Information Act (“CMIA”) and the California Consumer Privacy Act (“CCPA”).
These statutes require companies to maintain reasonable cyber security procedures, report any breaches of this data that occurs and requires the payment of statutory damages for violations of these acts.
What are my legal rights?
If you received notification that your information may have been compromised in a data breach and would like to discuss your legal rights, you can call us at 1-800-736-9085, email us at info@doyleapc.com or fill out the form below for a free consultation. Our attorneys are dedicated to helping consumers who have been the victims of a data breach.