The Information Commissioner’s Office (ICO) has issued a monetary penalty of £55,000 to North Staffordshire Combined Healthcare NHS Trust. The penalty follows a serious breach of the Data Protection Act which resulted in sensitive medical details of three patients being sent to a member of the public. The details were released between August and September 2011 when…
Month: June 2013
Lucile Packard Children’s Hospital notifying 12,900 after laptop stolen from secured badge-access area
Lucile Packard Children’s Hospital is no stranger to stolen equipment containing PHI. In January, 2010, they self-reported a breach involving a stolen desktop computer with PHI on 532 patients, and as recently as January, they notified 57,000 patients after a laptop was stolen from a physician’s car. Now the hospital is notifying patients about another breach…
House panel to probe alleged seizure of medical records by IRS
And speaking of outrageous breaches, Elise Viebeck reports: A top House committee launched another probe of the Internal Revenue Service (IRS) Tuesday after a lawsuit alleged that the agency improperly seized millions of personal medical records in California. In a letter, Republican leaders on the Energy and Commerce panel asked the IRS to explain how it…
Prime Healthcare and Shasta Regional Center settle HHS complaint, to pay $275,000
I don’t know if you can hear me, but I generally groan when I read a settlement that permits the party to make no admission of guilt. The FTC permits it, and HHS also permits it. I understand why they may choose to do that, but seriously, there are some breaches that are just so…
EPIC Urges Federal Health Agency to Safeguard Mental Health Records
From EPIC.org: In comments to the Department of Health and Human Services, EPIC underscored the importance of medical privacy, particularly concerning mental illness. In response to President Obama’s plan to reduce gun violence, the federal agency is considering allowing states to report certain mental illness information to the FBI for inclusion in National Instant Criminal Background Check System. EPIC warned that…
More than 1,000 psychiatric patients' IDs stolen by hospital worker, feds allege
Paula McMahon reports on yet another case of insider data theft involving patients in Florida: Curtis Fullwood’s job was to help patients with mental health problems find work they could do in the South Florida State Hospital in Pembroke Pines, but instead, authorities say, he stole their identities. Fullwood, 57, and his cousin, Terri Davis, 45, have pleaded…