Support Centre

USA: Tandem notifies OCR of health data breach

Tandem Diabetes Care, Inc. notified, on 17 March 2020, the U.S. Department of Health & Human Services' Office for Civil Rights ('OCR') that it had suffered a data breach incident likely to affect the security of information of 140,781 individuals, which the OCR is now investigating. In particular, Tandem highlighted that, on 17 January 2020, it had determined that an unauthorised person had gained access to a limited number of employees' email accounts through phishing between 17 January 2020 and 20 January 2020. Furthermore, Tandem outlined that the affected email accounts may have contained customer names, information related to those customers' use of Tandem's products or services, contact information, clinical data regarding their diabetes therapy, and in some instances, Social Security numbers.

You can access details on the OCR notification here, and read Tandem's notice to its customers here