DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Recent updates to HHS's public breach tool

Posted on October 23, 2014 by Dissent

There’s an update to the breach involving an office burglary at Dr. Vonica Chau ‘s office in Arlington, Texas: when the breach was added to HHS’s public breach tool, it was reported as affecting 810 patients.

The American Family Care breach was also added to HHA’s public breach tool this week. The entry shows the laptop theft occurred on July 18 and affected 2,588 patients.

Two other breaches (neither of which have been previously reported on this blog) were also added to the public breach tool this week. The first, involving Oklahoma City Indian Clinic, reportedly affected ,6000 patients. A notice linked from the clinic’s home page explains the e-mail attachment gaffe that resulted in the breach:

OKLAHOMA CITY – Oklahoma City Indian Clinic recently notified 6,044 patients that their names, email addresses and clinic-specific patient numbers were compromised after the following event: On July 28, 2014, an email was sent from the clinic to 360 patients advertising an upcoming adolescent health fair. A spreadsheet containing names, email addresses and clinic-specific patient numbers of 6,044 clinic patients was inadvertently attached to the email. The sender forwarded a message and failed to remove the attachment, which was used as a worksheet to determine the recipients of the email. The patient number is used for internal clinic purposes and is not the patient’s social security number. The clinic became aware of the incident, and a recall message was sent the same day. The clinic also sent an email to the recipients notifying them that the spreadsheet was not intended for them and requesting that they delete it. A notification letter was sent to all patients whose names were on the spreadsheet on Aug. 18. “Oklahoma City Indian Clinic understands the importance of safeguarding our patients’ personal information and regret that this incident occurred,” said Lysa Ross, COO of OKCIC. “We have notified our patients of the breach and are taking steps to prevent this from happening again. We encourage patients to call with any questions or concerns.” The type of information that was released would not create potential for identity theft. However, patients may receive unwanted emails and should monitor their email accounts. Patients may call toll free 1-844-MYOKCIC Monday – Friday between the hours of 8 a.m. and 5 p.m. with any questions.

The second new entry involves Compassionate Care Hospice of Central Louisiana, whose July 30th breach reportedly involved 707 patients.  A notice on the CCH’s web site explains:

HIPAA Breach Notification

On July 30, 2014, there was a break-in and theft at Compassionate Care Hospice of Central Louisiana’s office located at 5417 Jackson Street, Suite B, in Alexandria, LA. Compassionate Care Hospice immediately reported the incident to local police. On or about September 22, 2013 (sic), Compassionate Care Hospice mailed correspondence to each affected individual or next of kin notifying them of the incident. The letter contains instructions for you to follow in the event that you or your loved one has been affected by this incident.

The theft included some laptop computers that were secured by a password and an external hard drive. The laptops were remotely wiped by our IT team on or about July 31, 2014. The information of the laptops included either the patient’s first and last name only or the patient’s first and last name, patient number, age, admission date, discharge date (if applicable), length of stay, location (i.e., home, hospital or skilled nursing facility) medication class (if applicable), and disposition (i.e., revocation, transfer, etc.).

If you do not receive our letter, please contact our program office at (318) 487-9400 or our toll free compliance hotline at (800) 234-8147. For more information, please click here.

Related posts:

  • Unencrypted laptops still a major cause of breach reports to HHS
Category: Uncategorized

Post navigation

← ME: Island Nursing Home successfully sued by former employee
BreyerHorse.com site compromised for 18 months →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.