In October 2018, Rebound announced it experienced a data breach five months earlier that may have revealed personal health information. About 2,800 patients were potentially affected by the breach. Rebound said the delay in alerting patients was due to the amount of work computer forensic contractors needed to assess the extent of the breach.
Cyber incidents in health care are on the rise, according to the U.S. Department of Health and Human Services. From 2018 to 2022, there was a 93 percent increase in large breaches reported to the Office for Civil Rights, along with a 278 percent increase in large breaches involving ransomware.
In the past, cyber incidents affecting hospitals and health systems have led to disruptions in care and scheduling, delayed medical procedures and posed a risk to patient health information, according to the Department of Health and Human Services.
“Unfortunately, we are living in a time where cyber attacks from malicious insiders are not uncommon. Now more than ever, the risks to patient protected health information cannot be overlooked and must be addressed swiftly and diligently,” Office for Civil Rights Director Melanie Fontes Rainer said in a recent news release in an unrelated cybersecurity investigation. “Cyber attacks do not discriminate based on organization size or stature, and it’s incumbent that our health care system follows the law to protect patient records.”