Sometimes by the time a notification appears on a state breach notification site, I’ve forgotten whether I ever reported it or not. Case in point: Capital Digestive Care in Maryland. I knew about it on February 22, and helped make the notification to them to get them to investigate it (it turned out to be…
Category: Health Data
1.13M Patient Records Breached From January to March 2018
Proprietary data from Protenus shows disclosed breaches are just one one-thousandth of the actual risk health systems routinely carry 1,129,744 patient records were breached between January and March 2018, according to new data released today in the Protenus Breach Barometer. Published by Protenus, an artificial intelligence platform used by top health systems to analyze every…
Malware may have compromised some Florida Hospital patient information
Naseem S. Miller reports: A malicious software that recently affected several Florida Hospital websites may have compromised some patient information, the health system said on Wednesday afternoon. […] The compromised websites include FloridaBariatric.com, FHOrthoInstitute.com and FHExecutiveHealth.com. They were taken offline for repair. Read more on Orlando Sentinel. As of the time I’m posting this, I…
MAXIMUS notifies 3,029 patients after Business Ink mailing error exposes PHI
The following was the notification MAXIMUS sent out on April 17 and that they kindly provided to this site today. There was also a Spanish-language version: MAXIMUS today notified approximately 1,100 Texas families participating in Medicaid and the Children’s Health Insurance Program (CHIP) of a printing error that resulted in some program participants receiving a…
Mass notification launched after inappropriate access to 1,756 Winnipeg patients’ data
Canadian Press reports: The Winnipeg Regional Health Authority says it will be contacting hundreds of patients in the coming weeks after a nurse inappropriately accessed their personal health information. The authority says in a release that the nurse, who had access to the emergency department information system for work at one site, inappropriately searched information…
Former Trump doctor alleges that president’s medical records were seized in raid
This is a damned soap opera. If a patient “raids” his own doctor and steals his own medical records, is that a reportable breach under HIPAA and HITECH if the doctor is a HIPAA-covered entity? I think it is. Even if it is some kind of standard practice for the White House to obtain a…