KATV reports: A Little Rock plastic surgery clinic released a statement on Friday about a HIPAA breach that happened in July. According to a statement from Little Rock Plastic Surgery, it was discovered on or about July 15, 2019, that a nurse downloaded reports, photos, and other information that contained Protected Health Information of several…
Category: Health Data
Ca: NWT faces lawsuit over over 2018 health data breach that could affect all residents
Canadian Press reports: The Northwest Territories is facing a lawsuit over a stolen laptop containing medical files that could include information on every resident in the territory. […] The lawsuit stems from a government-owned laptop that was stolen from inside a parked vehicle in Ottawa in May 2018. The laptop has never been found. Read…
Premier Family Medical in Utah notifying 320,000 patients of ransomware incident
Premier Family Medical in Utah is notifying 320,000 patients of a ransomware incident that they disclosed in August. The incident has now been posted on HHS’s public breach tool after the physician group notified HHS several days ago. In an August 30th notice on their website, practice explained that on July 8, they experienced a…
Ca: Potential health data breach exposing names, medical conditions discovered by privacy researcher
Francesca Fionda reports: Up on the roof of the Vancouver Public Library, privacy researcher Sarah Jamie Lewis connects a small antenna to her laptop to listen in on what appears to be a major ongoing breach of sensitive health data of patients in the Vancouver area. For months, she says, personal information has been sent…
Alive Hospice’s breach notification required a second breach notification
It occasionally happens that a breach or incident response creates a second incident of its own. That seems to be the case with Alive Hospice, as this newest press release suggests, but does this require second notification to HHS/OCR? My first impression is that it would, but I’m interested to hear what HIPAA lawyers might…
Oh good grief, Saturday edition
Seen on Twitter: BREAKING: Dutch hospital that just got fined 460.000 euro by Dutch DPA for staff snooping in medical files, is in the news today again: staff used medical files as grocery list. Left them in shopping cart supermarket. Compliance is a cultural issue!https://t.co/LhVELzgL8J #GDPR — Jeroen Terstegge (@PrivaSense) September 7, 2019 A google…