Breaches involving health data in 2017 are continuing where 2016 left off – there are too many of them. In addition to the breaches reported earlier today on this site involving Catholic Charities of Baltimore and Complete Wellness (also in Baltimore), we also learned about three other breaches involving health data:
The Center for Mental Health in Montana disclosed that a list with an undisclosed number of patient names, Social Security numbers, date of birth, and “limited health info,” was found in the street by a child. The center believes that the list fell out of an employee’s car when the employee was out making delivery of prescriptions to patients at a housing complex. The breach occurred on November 29, and the Center sent notification letters on January 19.
On December 12, 2016, Wonderful Center for Health Innovation in California discovered that a laptop containing medical information had been stolen between December 9, 2016 and December 12, 2016. The laptop contained full name, home address, date of birth, telephone number, email address, clinic account number, medical conditions, medical test results, and clinic treatment date(s). The number of patients being notified was not disclosed in their January 18th notification letter.
American Urgent Care Center, PSC in Kentucky notified 822 patients of a breach that was reported to HHS on January 5, but just added to HHS’s breach tool today. No information seems to be available online about the incident, which the covered entity reported as a theft incident.
So what do you prefer: having health insurance and having your data compromised after you see your doctor or not having your data stolen because you couldn’t afford to go to your doctor after the new administration decimates ACA?
Yeah, I agree.