Associated Press has a follow-up to a breach previously mentioned on this blog.
A Westwego man who worked as a janitor at a New Orleans hospital and his girlfriend have pleaded guilty to charges they used stolen patient information for their personal gain.
Federal prosecutors say 50-year-old Clyde Washington was working for Ochsner Medical Center in New Orleans when he stole printouts containing patients’ names, social security numbers, dates of birth and other personal information.
Prosecutors say Washington gave the stolen documents to his girlfriend, 26-year-old Sherrie Blair, who allegedly used the data to open online accounts under the patients’ names and order a television, a ring and other merchandise.
[…]
Read more on The Republic.
When the story was first published, the name of the medical center was not provided. After doing a bit of investigating, I had figured out that it was Ochsner, but they did not respond to two inquiries I sent them on Dec. 6 and Dec. 8, and without confirmation, I was hesitant to name them. I am glad that we can now attribute this breach.
This was Ochsner’s second reported breach in the past year or so. In December 2010, they notified HHS of a September 2010 breach involving their business associated, H.E.L.P. Financial Corporation. That breach affected over 9,400 patients and was reported on this blog here.
There has been no official disclosure of how many patients were affected in the most recent breach. According to court records on the case, Washington allegedly began stealing patient data in March 2009 to provide to his girlfriend. There was no indication as to how or when the Medical Center discovered the breach, but the original complaint filed by prosecutors identified six patients whose data had been misused by Washington’s girlfriend. How many others had their data stolen was not reported.