In addition to other blog entries posted today, a recent update to HHS’s breach tool indicates three more reports that have not been reported in the media:
Southern Perioperative Services, P.C. in Alabama reported that 2,000 patients had PHI on a device that was stolen on or about November 17. Their web site is parked and I find no information on the site or in media sources about the breach.
Friendship Center Dental Office in Ocala, Florida reported that 2,200 patients had PHI on a laptop that was stolen on or about December 20. I cannot find any web site for them or any media coverage of the incident.
Franciscan Medical Group in Washington reported that 1,250 patients had PHI on a computer stolen on or about November 18. I cannot find any statement on their web site or in the media about the incident and it’s not indicated which of their hospitals or medical facilities was the one whose computer was stolen.
Once again, it seems, the HHS breach tool informs us of breaches we might otherwise not know about. Of the nine most recent entries, we had only known about three of them.
The HHS tool also provides updates that we may not learn of otherwise. As one example, the Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan incident, which received wide media attention last year when it seemed that 280,000 people had data on the missing flash drive, was subsequently updated to indicate that 808 patients were affected – not 280,000. HHS updates also provide us with additional details on the types of information involved. In a number of cases, the annotated breach reports indicate the Social Security Numbers as well as health information were involved and that those breaches should probably be included in databases maintained by the Identity Theft Resource Center.
If anyone has additional details on the three newly revealed breaches listed above, please use the Comments section to add them.
Hello –
This may be completely insignificant but how did you find out that Friendship Center Dental Office is in Ocala? I don’t see the city on the HHS’s breach tool.
A Google map search pulls two different locations in Ocala with one web site. There is no information on that site about any HHS breaches and while that doesn’t mean this isn’t the correct location I wouldn’t want to be liable for some kind of slander. That’s why I was wondering how you got the city?
Thanks.
My search only shows one street address and that’s in Ocala. I didn’t link to the one dentist’s web site that you found because I have no idea which dentist in the group or at that address had the breach. But I do not see any “Friendship Center Dental Office” in Florida other than the one in Ocala.