Regional Eye Data Breach Investigation
Eye Care Leaders, the third-party vendor that Regional Eye used for electronic medical records, experienced a data breach which may involve a vast amount of personal health information.
There is a growing list of ophthalmology practices, and currently 348,000 individuals, affected by a hacking incident at the electronic health records vendor Eye Care Leaders (ECL). More details about the December 2021 attack are emerging.
Several vision care practices around the country have reported data breaches involving the ECL incident. The Department of Health and Human Services’ Office for Civil Rights’ HIPAA Breach Reporting Tool website indicates more data breach reports filed by vision practices, related to the ECL security incident, including:
- Frank Eye Center in Kansas – 26,333 individuals
- Ilumin (Arkfeld, Parson & Goldstein) in Nebraska – nearly 15,000 individuals
- Northern Eye Care Associates in Michigan – 8,000 individuals
- Ad Astra Eye LLC in Kansas – 3,700 individuals
- Summit Eye in Tennessee – over 50,000 individuals
- Regional Eye Associates Inc. & Surgical Eye Center in Morgantown, West Virginia – 194,035 individuals
- Texas Tech University – 1.2 million
- Allied Eye Physicians in Ohio – 20,000
Regional Eye became aware of the data breach on March 1, 2022. The company says Eye Care Leaders informed them that the incident involved an individual who gained access to their system on December 4, 2021, and deleted several databases.