Harold McNeil reports: People Inc. said it was the target of a data security breach that involved protected health information of some of its current and former clients. People Inc. learned that two employees’ email accounts were breached and their emails contained personal information about clients, including names, addresses, Social Security numbers, financial account information,…
Category: Health Data
OH: Personal information of more than 2400 TriHealth patients wrongly shared with student
Max Londberg reports: The personal information corresponding to more than 2,000 TriHealth patients was shared with a student mentee who was not authorized to view the data. The medical system announced the discovery Friday afternoon in a press release. Shared data included patients’ first and last names, ZIP codes, ethnicity, dates of birth and cancer…
Ca: Laptop with personal information of up to 225 minors stolen from Thompson NRHA building in March
The Thompson Citizen reports: Personal information of up to 225 minors may have been on a laptop that was stolen from the Northern Regional Health Authority (NRHA) administration building in March. The theft of the laptop was discovered March 27. The computer contained client names, birth dates, genders, personal health information numbers (PHINs) and the…
Medical Informatics Engineering Agrees to Pay $100,000 and to Implement Corrective Action Plan to Settle 2015 HIPAA Breach
From HHS, an update on the Medical Informatics Engineering breach of 2015 that resulted in a multi-state lawsuit (the first of its kind) in December, 2018: Medical Informatics Engineering, Inc. (MIE) has paid $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, and has agreed take corrective…
TX: HHS joins medical records dump investigation
Jacob Rascon reports: With the help of Tomball Police, the United States Department of Health and Human Services Office for Civil Rights is investigating the illegal dumping of thousands of medical records. The more than 20 boxes of records belonged to former Today’s Vision patients and employees, including their Social Security numbers. Read more on…
Cancer Treatment Centers of America notifies patients after phishing attack on employee email account
Cancer Treatment Centers of America has been sending notification letters to patients whose protected health information was in an employee email account that was compromised by a phishing attack. The employee works at the Southeastern Regional Medical Center. The attack took place on March 10, 2019, and the attacker was potentially able to access the…