Dave Parkinson reports: A former staff member at Withybush Hospital inappropriately accessed electronic patient hospital records, health bosses have revealed. Hywel Dda Health Board said it has written to 41 people to provide them with information and support after its own investigation identified the breach. The individual, an administrator at Withybush Hospital is no longer…
Category: Health Data
Health Data Breaches in 2017: The Year in Review
Protenus, Inc. has released its 2017 review of breaches involving health data. It is the second annual review they have published since we began collaborating on data collection and analyses. As a reminder of last year’s major findings: Protenus reported that in 2016, insider incidents constituted approximately 43% of the 450 incidents we had compiled…
December was one of the busiest months for health data breach disclosures
While you are eagerly awaiting the release of Protenus’s annual review of 2017 health data breaches, I thought I’d mention that December closed the year out with a bang with 52 possible breaches being disclosed. Only June, 2017 (with 53 reports) exceeded December. Of the 52 entries, 20 were hacking incidents and 17 were insider…
Pedes Orange County notifying patients after doctor found accessing EMR without authorization
Pedes Orange County, Inc. in California shares their medical facility with another medical group that conducts surgical procedures. To coordinate, it seems that they share a scheduling tool with other medical professionals in their building. Somehow – and it’s not yet clear to me how this happened in terms of access controls – a physician…
Ca: Dark family secrets: Anonymous letter uncovers child welfare records
Here’s a news report of an insider privacy breach in Canada that is just…. awful. That is has resulted in severe psychological harm and trauma to one of those impacted is not surprising. The incident, which you can read about here, involves records that are more than 30 years old that appear to have been…
CareFirst makes final push for Supreme Court to hear breach case
Jessica Davis reports: Maryland-based CareFirst has filed a final appeal to the U.S. Supreme Court to hear its data breach case, arguing that without a high court review, companies in every sector will be hit with a “flood” of data breach lawsuits in the future. The appeal stems from a decision by the U.S. Court…