March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
Category: Health Data
CO: Front Range Dermatology Associates notifies patients of insider-wrongdoing incident
Tommy Wood reports: Front Range Dermatology Associates, which has locations in Greeley, Loveland Fort Collins and Fort Morgan, suffered a breach of medical records in January, the company announced in a news release. The compromised data includes patients’ names, medical record numbers, dates of service, billing codes, names of insurance companies and dates and amounts…
Officials: 2 ex-Florida Hospital employees stole, sold patient records
Jeff Deal and Jason Kelly report: Federal investigators said two former Florida Hospital employees stole and sold an unknown number of patient records. The hospital said it wouldn’t comment on the allegations because of a pending lawsuit, but Channel 9’s Jeff Deal uncovered a civil lawsuit against the hospital, which is separate from the criminal case,…
Insider Threat Seriously Undermining Healthcare Cybersecurity
I don’t agree that insider threats are more of a problem than external threats, but I am glad to see insider threats – including “human error” incidents get more attention. Jai Vijayan reports: The healthcare industry’s ability to defend against cyberthreats is being seriously undermined by its own workforce, according to two separate reports released…
Flexible Benefit Service Corporation notifies 5,123 of phishing incident
Illinois-headquartered Flexible Benefit Service Corporation (“Flex”) is a general agency and benefit administrator serving insurance brokers, employers and insurance carriers. As such, they are a Business Associate to HIPAA-covered entities. The follow is from their notification of a security incident that was reported to HHS on February 16, as impacting 5,123 people. Flex does not indicate…
Kansas Department for Aging and Disability Services Notifies 11,000 Consumers About Breach of Protected Health Information
March 1, 2018 TOPEKA, Kan. – The Kansas Department for Aging and Disability Services (KDADS) has begun to notify individual consumers about a recent incident in which personal or protected health information was disseminated to a specific group of KDADS business associates. On February 23, 2018, KDADS became aware of a potential breach of personal…