To follow up on two recent breaches:
Rady Children’s Hospital has uploaded notification of their recently disclosed breaches to the California Attorney General’s site.
Their notification for the 2014 breach can be found here (pdf). Their notification for the 2012 breach that they discovered in the process of investigating the 2014 breach can be found here (pdf).
Of note, the second letter indicates that patient data were also exposed to job applicants in 2010 and 2011, although because the applicants were on-site, they had no opportunity to download or save any patient data. It will be interesting to see what Rady’s reports to HHS as the date of breach. Will they report 2010-2014 or something else?
Riverside County Medical Center also submitted breach notification letters in English (pdf) and Spanish (pdf) to the California Attorney General’s Office about the missing laptop containing information on 563 patients.