Seriously. How many times will see news reports of how medical practices closed their doors and just dumped patient records? Here’s another case this week, reported by WSFA in Alabama, who made great efforts to track down someone – anyone – who might be able to help identify the culprit (and yes, I use the…
Month: December 2015
Costa Rica Government Website Hacked by Pro-ISIS Group
Jaime Lopez reports: An internal page within the website of the Ministry of the Environment in Costa Rica (Spanish acronym: MINAE) were hacked by an Egyptian group claiming allegiance to the Cyber Caliphate, an extremist branch of ISIS. There’s much more, but one somewhat surprising note: It is interesting to note that the hackers who claimed…
Physicians Health Plan of Northern Indiana notifies Indigo members whose billing statements were erroneously sent to others
Another problem with mailing bills that results in a HIPAA breach. Physicians Health Plan of Northern Indiana, Inc. (PHPNI) posted an FAQ on December 18 about an incident affecting Indigo members. Their report to HHS indicates that 1,708 patients were affected. What happened? An error occurred in the assembly of a premium billing statement mailing on December 8,…
Allina Health Isles Clinic notifies more than 6,000 patients of improper disposal of their records
First, the notice from Allina Health in Minnesota: This notice concerns a privacy situation that occurred at the Allina Health Isles Clinic, located at 2800 Hennepin Avenue, Minneapolis, MN 55408. On October 27, 2015, Allina Health discovered that in limited circumstances, containers which may have had documents with patient information were being emptied into a…
Dumont hospital employees shocked Dr. Fernando Rojas returning to work
CBC News reports an update to a breach noted previously on this site. Many staff members at the Georges Dumont Hospital in Moncton do not welcome Dr. Fernando Rojas’ return to work. Rojas has not been working at the Georges Dumont since March 2014. The radiation oncologist looked at 141 female patient medical records without authorization…
Can a Business Associate be Liable for a HIPAA Breach When Its Client Isn’t a Covered Entity?
Yesterday morning, some of were following up on a ProPublica report about a New Jersey clinic who, when suing patients for overdue accounts, included their diagnostic codes in materials sent to their collection agency. Those records – containing the patients’ names, diagnostic codes, and treatment codes – became part of public court records. There were some…