Mike Keegan provides an update on a breach mentioned yesterday on this blog: A cash-for-claims agent whose nurse partner was found unconscious at the side of her murdered daughter has been fined after he admitted taking confidential patient data from her. Martin Campbell, 31, obtained names and telephones of visitors to Moorgate Primary Care walk-in…
Author: Dissent
Delta Dental/The Smile Center breach report
As a small update to my breach entry of May 19, it seems that Delta Dental notified the New Hampshire Attorney General’s Office about the incident. In a letter from their lawyers dated May 16, Delta Dental states that they first became aware of the loss from an “unrelated third party” on February 24, and that…
Preliminary Thoughts about the HIPAA Accounting of Disclosures NPRM
Rebecca Herold comments on the HIPAA Privacy Rule Accounting of Disclosures under the Health Information Technology for Economic and Clinical Health Act Notice of Proposed Rule Making (NPRM). […] Logging access to ePHI has been around since the Security Rule went into effect. So, even though the original accounting for disclosures requirements did not include activities…
UK: 189 patients at NHS Bury notified of data breach
The details of 189 NHS walk-in centre patients could have been leaked as part of a data breach linked to a worker whose daughter was recently killed. NHS Bury has written to the patients to warn them their records could have been passed on to third parties. The source was said to be Dawn Makin,…
Breaches Lead to Push to Protect Medical Data
Milton Freudenheim reports: Federal health officials call it the Wall of Shame. It’s a government Web page that lists nearly 300 hospitals, doctors and insurance companies that have reported significant breaches of medical privacy in the last couple of years. Such lapses, frightening to consumers, could impede the Obama administration’s effort to shift the nation…
Case study from Ireland's Data Protection Commissioner reveals need for ethics review in research recruitment to protect privacy
Over on DataBreaches.net, I mentioned a previously unknown (to me) breach that was revealed in Ireland’s Data Protection Commissioner’s 2010 Annual Report. Another incident that the report included involved a medical privacy complaint. At pp. 82-83: Case study 17: Inappropriate disclosure of medical research data In March 2010 we were contacted by a lady who…