Third-Party Vendor at Center of Breach

An incident involving a third-party vendor migrating a server containing archived email of emergency medical device provider Zoll has resulted in a reported health data breach impacting more than 277,000 individuals.

As of Thursday, the incident is the fourth largest health data breach listed so far in 2019 on the Department of Health and Human Services’ HIPAA Breach Reporting Tool website.

Pennsylvania-based Zoll, which provides emergency medical products such as wearable heart defibrillators, therapeutic temperature management systems, and ventilation devices, reported the breach on March 18 to HHS as a hacking/IT incident involving a network server and a business associate.

The incident was reported as impacting 277,319 individuals.

“Email should be encrypted if it contains sensitive data, like PHI in transmission or at rest.”
—Mark Johnson, LBMC Information Security

Read full article