Warwick Ashford reports on what seems to me to be yet another case of hard-coded credentials creating a critical vulnerability in protecting patient data, and I, of course, have questions. Ashford reports: The QuicDoc & Office Therapy suite of software produced by DocuTrac contains security vulnerabilities that could allow attackers to gain control of patient…
Category: Health Data
ATI Physical Therapy notifies patients of data breach
ATI Physical Therapy is notifying patients of a security incident that appears to have targeted employees’ email accounts. Here is their update of March 12, although I’m not sure when any previous notification may have been published (their newsroom does not show any prior notice on their site): About the data privacy event ATI Holdings,…
Owner says North Battleford store receiving private medical records via fax
If you harbored any hope that we might be done with breaches due to misdirected faxes, I hate to disillusion you, but Meaghan Craig and Thomas Piller report yet another example in Canada: The Saskatchewan Health Authority is looking into instances where confidential medical records were allegedly faxed to a computer store in North Battleford….
Medical and personal information on 33,420 BJC HealthCare patients left exposed on Internet
By Blythe Bernhard A security breach at BJC HealthCare left personal information on 33,420 patients potentially available to the public, a company spokeswoman said today. The patients’ medical records, names, addresses, telephone numbers, dates of birth, Social Security numbers, drivers license numbers, medical and insurance information were accessible through the Internet from May 9, 2017,…
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
CO: Front Range Dermatology Associates notifies patients of insider-wrongdoing incident
Tommy Wood reports: Front Range Dermatology Associates, which has locations in Greeley, Loveland Fort Collins and Fort Morgan, suffered a breach of medical records in January, the company announced in a news release. The compromised data includes patients’ names, medical record numbers, dates of service, billing codes, names of insurance companies and dates and amounts…