Having your employees find out that you are monitoring them surreptitiously doesn’t make for happy employees and may lead to legal problems in terms of surveillance laws and labor laws. Having a patient privacy incident can be infinitely worse. Managing to risk combining both can be a nightmare. But that’s somewhat what happened recently in…
Author: Dissent
Mailing error exposes over 3,000 cancer patients' names to each other
A mailing error resulted in Cancer Care Northwest sending routine mailings that exposed patient names to other patients. A statement on their web site explains: In compliance with federal HIPAA and HITECH Regulations, Cancer Care Northwest is required to notify patients and the media when a breach of information occurs. Cancer Care Northwest became aware…
Papers with patient info stolen from Jefferson Center for Mental Health employee's car
Jefferson Center for Mental Health in Colorado recently notified HHS of a breach affecting 546 patients. A statement on their web site explains: On December 13, 2010, a paper list with brief demographic information was stolen from a locked vehicle. The thief stole a purse containing cash and a work bag of a Jefferson Center…
Hacking incident at St. Louis University affects over 12,000 employees and 800 students receiving counseling services
St. Louis University in Missouri reports that its network was hacked and that personally identifiable and protected health information were on the servers that were accessed without authorization. A statement on their web site dated January 31 indicates that the breach occurred on December 12 and was discovered on the 13th. An investigation conducted by the…
Update to Ortho Montana incident (revised)
As an update to the report on a missing laptop containing information on patients at Ortho Montana, Ortho Montana did report the incident to HHS. In their notification, they indicated that 37,000 patients were notified of the December 17th incident. A statement on Ortho Montana’s site says: Recently, we learned that a laptop belonging…
Update to Green River District Health Department post
As an update to the blog entry about the Green River District Health Department breach, their breach report to the U.S. Dept. of Health and Human Services (HSS) indicates that 18,871 had their data exposed on the web, not the nine thousand figure reported in the media. GRDHD indicated that they first became aware…