Note: Northeast Radiology issued a press release yesterday about a data security incident that their healthcare management services provider, Alliance HealthCare Services, notified them about. DataBreaches.net noted that Alliance notified Northeast Radiology on January 11, 2020 — the day after TechCrunch reported updated research on the problem with exposed PACS leaking protected health information. Although…
Category: Health Data
Computer systems at University of Kentucky and UK HealthCare hobbled by massive, month-long cyber attack
Alex Acquisto reports: The University of Kentucky and UK HealthCare conducted a major reboot of their computer systems early Sunday morning in an effort to end a month-long cyber attack that university officials say is the most substantial cyber intrusion in university history. The unidentified “threat actors” infiltrated Kentucky’s largest university system in early February…
Melbourne professor quits after health department pressures her over data breach
Josh Taylor reports: A prominent university professor has quit after the health department pressured her university to stop her speaking out about the Medicare and PBS history of over 2.5 million Australians being re-identifiable online due to a government bungle. In 2016, Vanessa Teague, a cryptographer from the University of Melbourne, and two of her…
PA: Liability claim remains against UPMC Susquehanna in medical records ‘snooping ‘ case
John Beauge reports: A Lycoming County judge has refused to dismiss a vicarious liability claim against UPMC Susquehanna that is being sued because an employee accessed the medical records of a co-worker without authorization. Judge Eric R. Linhardt on Wednesday rejected UMPC’s claim it was not liable because Taylor Fausnaught failed to state any claim…
UK: West Suffolk Hospital apologises after dog walker finds medical records in nature reserve
Sam Russell and Fiona Leishman report: A hospital trust is apologising to patients whose confidential records were reportedly found by a dog walker in a Cambridgeshire nature reserve. The bundle of documents from the West Suffolk Hospital in Bury St Edmunds was found on Sunday (March 1) by a member of the public at Trumpington…
OCR settles complaint against doctor for failure to have appropriate risk assessment and security controls, despite technical assistance
OCR has settled a complaint against a covered entity for violations that first occurred prior to November, 2013, but continued thereafter. Yes, 2013. That’s when Steven A. Porter, M.D., first reported a breach to OCR that involved his business associate Elevation43. According to the complaint Porter filed at the time, and as described by OCR,…