A second big settlement from HHS this week (you can find the first one here). HHS’s press release concerning a case that was previously reported on this site in 2014 follows. The incident also resulted in a class action lawsuit that was settled in 2019. CHSPSC LLC, (“CHSPSC”) has agreed to pay $2,300,000 to the…
Category: Health Data
Spokane health district apologizes for accidental disclosure of personal health info
Megan Carroll reports: The Spokane Regional Health District is apologizing on Monday after it accidentally disclosed personal health information to a partner agency. According to a press release, SRHD discovered the unauthorized disclosure to Northeast Washington Educational Service District 101 on Tuesday, Sept. 8. Recipients included school administrations and nursing staff. Read more on KREM.
Montefiore employee terminated after data breach affected up to 4,000 patient records
Jeff Lagasse reports: On Friday, Montefiore Medical Center alerted patients that a former employee had recently stolen personal information from roughly 4,000 patient records, which led Montefiore to terminate the employee upon learning of the security breach and potential identity theft. Read more on Healthcare Finance. Their story appears to have a typo in it, though: the…
Member of thedarkoverlord sentenced to 60 months and $1.4 million in restitution
The first — and so far, only — person to have been arrested and charged as a member of “thedarkoverlord” pleaded guilty today in federal court in Missouri. Nathan Francis Wyatt, 39, of Wellingborough, Northamptonshire in the U.K. was sentenced by Judge Judge Ronnie L. White to 60 months in prison and almost $1.5 million…
Athens Orthopedic Clinic Pays $1.5 Million to Settle HHS Charges of Systemic Noncompliance with HIPAA Rules
From HHS, a settlement notice involving one of thedarkoverlord’s victims. Athens Orthopedic Clinic is still facing a lawsuit from patients that made it all the way up to the Georgia Supreme Court on the issue of whether they had demonstrated enough harm to survive a motion to dismiss. Note: This blogger is the journalist referenced…
Are covered entities unnecessarily giving fundraisers PHI on patients?
I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…