DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Recent updates to HHS's public breach tool

Posted on October 23, 2014 by Dissent

There’s an update to the breach involving an office burglary at Dr. Vonica Chau ‘s office in Arlington, Texas: when the breach was added to HHS’s public breach tool, it was reported as affecting 810 patients.

The American Family Care breach was also added to HHA’s public breach tool this week. The entry shows the laptop theft occurred on July 18 and affected 2,588 patients.

Two other breaches (neither of which have been previously reported on this blog) were also added to the public breach tool this week. The first, involving Oklahoma City Indian Clinic, reportedly affected ,6000 patients. A notice linked from the clinic’s home page explains the e-mail attachment gaffe that resulted in the breach:

OKLAHOMA CITY – Oklahoma City Indian Clinic recently notified 6,044 patients that their names, email addresses and clinic-specific patient numbers were compromised after the following event: On July 28, 2014, an email was sent from the clinic to 360 patients advertising an upcoming adolescent health fair. A spreadsheet containing names, email addresses and clinic-specific patient numbers of 6,044 clinic patients was inadvertently attached to the email. The sender forwarded a message and failed to remove the attachment, which was used as a worksheet to determine the recipients of the email. The patient number is used for internal clinic purposes and is not the patient’s social security number. The clinic became aware of the incident, and a recall message was sent the same day. The clinic also sent an email to the recipients notifying them that the spreadsheet was not intended for them and requesting that they delete it. A notification letter was sent to all patients whose names were on the spreadsheet on Aug. 18. “Oklahoma City Indian Clinic understands the importance of safeguarding our patients’ personal information and regret that this incident occurred,” said Lysa Ross, COO of OKCIC. “We have notified our patients of the breach and are taking steps to prevent this from happening again. We encourage patients to call with any questions or concerns.” The type of information that was released would not create potential for identity theft. However, patients may receive unwanted emails and should monitor their email accounts. Patients may call toll free 1-844-MYOKCIC Monday – Friday between the hours of 8 a.m. and 5 p.m. with any questions.

The second new entry involves Compassionate Care Hospice of Central Louisiana, whose July 30th breach reportedly involved 707 patients.  A notice on the CCH’s web site explains:

HIPAA Breach Notification

On July 30, 2014, there was a break-in and theft at Compassionate Care Hospice of Central Louisiana’s office located at 5417 Jackson Street, Suite B, in Alexandria, LA. Compassionate Care Hospice immediately reported the incident to local police. On or about September 22, 2013 (sic), Compassionate Care Hospice mailed correspondence to each affected individual or next of kin notifying them of the incident. The letter contains instructions for you to follow in the event that you or your loved one has been affected by this incident.

The theft included some laptop computers that were secured by a password and an external hard drive. The laptops were remotely wiped by our IT team on or about July 31, 2014. The information of the laptops included either the patient’s first and last name only or the patient’s first and last name, patient number, age, admission date, discharge date (if applicable), length of stay, location (i.e., home, hospital or skilled nursing facility) medication class (if applicable), and disposition (i.e., revocation, transfer, etc.).

If you do not receive our letter, please contact our program office at (318) 487-9400 or our toll free compliance hotline at (800) 234-8147. For more information, please click here.

Related posts:

  • Tennessee hospice notifying patients whose information was accessed after employees fell for phishing attacks
Category: Uncategorized

Post navigation

← ME: Island Nursing Home successfully sued by former employee
BreyerHorse.com site compromised for 18 months →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • 70% of healthcare cyberattacks result in delayed patient care, report finds
  • Police disrupt “Diskstation” ransomware gang attacking NAS devices
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • Mississippi Law Firm Sues Cyber Insurer Over Coverage for Scam
  • Ukrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Supplier
  • Computer Whiz Gets Suspended Sentence over 2019 Revenue Agency Data Breach
  • Ministry of Defence data breach timeline
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan
  • A year after cyber attack, Columbus could invest $23M in cybersecurity upgrades

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Upstate NY county clerk again refuses to enforce Texas abortion judgment
  • Attorney General James Leads Coalition Urging Congress to Protect Americans from Masked ICE Agents
  • Attorney General Tong Announces $85,000 Settlement with TicketNetwork for Violations of the Connecticut Data Privacy Act​
  • Fourth Circuit upholds West Virginia ban on abortion pills
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • The EU’s Plan To Ban Private Messaging Could Have a Global Impact (Plus: What To Do About It)
  • A Balancing Act: Privacy Issues And Responding to A Federal Subpoena Investigating Transgender Care

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.