DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NYC Health & Hospitals Corp. investigating alleged employee wrongdoing

Posted on December 6, 2019 by Dissent

NYC Health & Hospitals Corp. posted a notice this week (reproduced below) that suggests that a rogue employee may have been selling PHI to law firms or clinics that specialize in motor vehicle accident patients.

Of note, this notice does not specify any one hospital where the employee worked. Did the employee have access to all patients’ data across all hospitals in the network?

How did the hospital learn of this — who told them and how did that person know?

And will they even be able to sort out how many patients may be impacted? Do/did they have good access logs in 2016? And can they determine for every access whether the employee had a legitimate reason to access the patient’s file?

This looks to be a costly and time-consuming mess.

h/t, Becker’s Hospital Review


Notice of Possible Unauthorized Disclosure of Protected Health Information

Dec 02, 2019

On October 3, 2019, NYC Health + Hospitals was notified that of some of its patients’ protected health information (PHI) had been inappropriately disclosed by an employee of NYC Health + Hospitals, between 2016 and November 2019. The disclosed PHI included patients’ names, telephone numbers, and the fact that they had been involved in motor vehicle accidents. An investigation of the incident is ongoing, and appropriate discipline of the employee is being pursued. If you were involved in a motor vehicle accident between 2016 and November 2019, and, as a result, were treated at a NYC Health + Hospitals hospital, your PHI may have been included in this unauthorized disclosure. For more information, please call (877) 514-0832.


 

No related posts.

Category: Commentaries and AnalysesHealth DataInsiderOf NoteU.S.

Post navigation

← UK: NHS radiographer, 32, faces jail after illegally accessing more than 200 female patients’ personal records before hounding them for dates
PA: Hackers breach Leesport tax collector’s database →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.