Meg Haskell of the Bangor Daily News reports that 660 patients at Eastern Maine Medical Center will be receiving letters that their personal information was on a hard drive that was discovered missing on December 22, 2017. The hard drive, owned and operated by an unnamed vendor, held information on patients who underwent cardiac ablation between Jan. 3,…
Category: Health Data
Logs audit reveals The Peds in Las Vegas suffered insider-wrongdoing breach in 2014
There is so much wrong with this one that although I give them great credit for admitting they had a breach four years ago that they first discovered, I find their notification quite concerning. From The Pediatric Endocrinology and Diabetes Specialists, 5235 South Durango #103, Las Vegas, NV 89113: On 11 January 2018, during an audit of…
Records of pain device patients on stolen Nevro laptops
Nevro Corporation in California provides what they call HF10 therapy devices for patients coping with chronic pain. After several laptops with patient data were stolen during an office burglary, they had to notify patients that their information was on the unencrypted devices: name, street address, birth date, procedure date, medical device identifiers (such as serial number),…
Fresenius Medical Care North America settles HHS OCR complaint for $3.5m plus corrective action plan
Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA…
HHS OCR January 2018 OCR Cybersecurity Newsletter: Cyber Extortion
January 30, 2018 Incidents of cyber extortion have risen steadily over the past couple of years and, by many estimates, will continue to be a major source of disruption for many organizations. Cyber extortion can take many forms, but it typically involves cybercriminals’ demanding money to stop (or in some cases, to merely delay) their…
MO: Licensed Professional Counselor Pleads Guilty to $175,000 Medicaid Fraud Scheme
A DOJ press release, but unfortunately, it doesn’t reveal for whom the defendant was working when she misused patient information. Was she self-employed or an employee of another entity? Jefferson City, Mo. – Missouri Attorney General Josh Hawley announced that Corrine A. Dale, of St. Louis, entered an open plea in St. Louis County Circuit Court…