Alasdair Clarke reports: A nurse who abused her position to read the private medical records of 28 patients has been sacked by NHS Lothian. Julie Naughton admitting to looking at the records over a six month period in 2018 without having any medical or health need. She was working at the Royal Infirmary of Edinburgh at the time, and some…
Category: Health Data
Cyberattack on Georgia agency exposed private information of parents, children
WSBTV reports: Hackers breached state email accounts in the Georgia Department of Human Services exposing personal information of adults and children who have cases with Child Protective Services and the Division of Family and Children Services. The breach happened in the first two weeks of May, but state officials say it was August before state…
OCR Settles Ninth Investigation in HIPAA Right of Access Initiative
From HHS, yesterday: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announces that it has settled its ninth enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative as an enforcement priority in 2019 to support individuals’ right to timely access to their health…
Community Health Systems settles charges by 28 states over 2014 data breach
It’s been an expensive few weeks for Community Health Systems and CHSPSC. First, a few weeks ago, HHS announced that CHSPSC LLC, (“CHSPSC”) has agreed to pay $2,300,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential…
Dr Lal PathLabs, one of India’s largest blood test labs, exposed patient data
Zack Whittaker and Manish Singh report: Dr Lal PathLabs, one of the largest lab testing companies in India, left a huge cache of patient data on a public server for months, TechCrunch has learned. The lab testing giant, headquartered in New Delhi, serves some 70,000 patients a day, and quickly became a major player in testing…
Medical data of 150 Toronto hospital patients allegedly used to extort money from company
Katherine DeClerq reports: A Toronto hospital says that roughly 150 patients have been impacted by a data breach after a third-party employee allegedly stole medical reports in an effort to extort money from their company after being let go. According to a letter sent on Sept. 30 by a privacy and information access specialist at Unity…