More on a breach reported here last week, this from Natalie Johnson: In early February, an employee of the National Collection Office (NCO) Financial Systems Inc., a debt-collection agency that UW Medicine contracts with, violated security and compromised at least 50 confirmed contacts, and as many as 80 more are being investigated. “UW Medicine was…
Category: Health Data
UWMC patient financial information compromised
More on a breach reported here last week, this from Natalie Johnson: In early February, an employee of the National Collection Office (NCO) Financial Systems Inc., a debt-collection agency that UW Medicine contracts with, violated security and compromised at least 50 confirmed contacts, and as many as 80 more are being investigated. “UW Medicine was…
OCR's web site criticized for "bare bones" approach
Over on the Los Angeles Times, David Lazarus raises an issue that I raised here last week: the fact that some breaches on the Office of Civil Rights’ (OCR’s) list of breached covered health care entities shield the entity’s name and merely lists the entity as “Private Practice.” Referring to the breaches posted on OCR’s…
OCR/HHS reveals two more breaches
The public list of breaches reported to HHS under the HITECH Act was updated to add two entries. Both entries are associated with the same business associate: MSO of Puerto Rico. I do not see anything on the web sites of the covered entities or the business associate about the incident nor did I see…
Shands notifies individuals of information breach
Shands Healthcare has now revealed more details on the breach mentioned last week. In a press release on their web site, they write: Shands HealthCare officials have notified about 12,500 individuals that a Shands-owned laptop computer containing their health and other personal information was stolen last month. The laptop held information about Shands patients and…
4 more healthcare breaches from 2009
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009. Some of the breaches described in the notifications were reported in the media at the time, but I spotted a number of previously unknown breaches …