Are you surprised to see a settlement with HHS arising from an investigation that began when an entity reported a stolen laptop in 2013? Keep reading this notice from HHS to find an explanation: West Georgia Ambulance, Inc. (West Georgia), has agreed to pay $65,000 to the Office for Civil Rights (OCR) at the U.S….
Category: Health Data
As 2019 draws to a close, some entities are taking harder look at storing PHI in employee email accounts
Okay, so two exemplars doesn’t prove any kind of trend, but I’m glad to see some entities now taking steps to reduce how much PHI is stored in employee email accounts. Here are two recent incidents, both reported to HHS in December: Healthcare Administrative Partners (HAP) is a Pennsylvania-based business associate under HIPAA. On December…
IL: Former Lurie Children’s employee wrongfully accessed patient data, hospital says
WLS reports: Ann & Robert H. Lurie Children’s Hospital of Chicago is notifying some of its patients about a former employee’s access of patients’ medical records. On Nov. 15, the hospital learned that between Sept. 10, 2018 and Sept. 22, 2019, an employee accessed certain patients’ medical records without a business reason to do so,…
TX: San Antonio mental health and substance abuse services provider hit by ransomware attack
Laura Garcia reports: A cyber attack has shut down the computer network at the Center for Health Care Services, Bexar County’s largest provider of mental health and substance abuse services. CEO Jelynne LeBlanc Burley confirmed Tuesday that the company’s system was included in a larger-scale cyber attack last week that’s under investigation by federal law…
NM: Portales hospital reports security breach after discovering malware on radiology server
ABC reports: Roosevelt General Hospital patients should keep an eye on their credit scores following a potential breach into the hospital’s secure systems containing personal information. RGH issued a public notice Monday regarding the potential theft of patients’ personal information that was discovered on Nov. 14. Read more on ABC.
Philadelphia hepatitis data exposure posed ‘no risk to confidentiality’ because of Inquirer notification, city says
Nathaniel Lash reports: The medical records of thousands of Philadelphians were not compromised, the city said, after The Inquirer notified the city’s Health Department of a data breach that attached positive hepatitis test results with intimate personal details. This finding comes after an investigation by the city’s Public Health Department and a team with the…