On February 1, Coastal Cape Fear Eye Associates in North Carolina notified HHS of a hacking incident that impacted 925 patients. Unlike many other ransomware reports where there is no clear evidence of PHI acquisition or compromise, in this incident, there was evidence of actual compromise, although no evidence of exfiltration. Here is the entity’s…
Category: Health Data
Lawsuit against Rensselaer County partially revived on medical privacy issue
There’s an update to an insider-wrongdoing lawsuit that I first noted back in September, 2013, after some employees at Rensselaer County Jail filed suit against their employer for snooping in their medical records. As I’ve reported in the past, the breaches occurred against a backdrop where the county jail uses Samaritan Hospital to provide services…
Sued by Aetna over botched mail notifications, KCC fires back, suing Aetna
“I sue you, You sue me, We both sue too easily. Too easily to let it show. I sue you and that’s all I know.” — wrote Art Garfunkel never. Alison Frankel reports: A day after Aetna sued the claims administrator Kurtzman Carson Consultants for exposing confidential medical information about Aetna clients in a settlement…
Tennessee hospital notifies 24,000 patients after EMR system attacked with cryptocurrency mining software
In what may be the first report I’ve seen of a hospital having their EMR server hit with cryptocurrency mining software, Decatur County General Hospital in Parsons, Tennessee started notifying 24,000 patients on January 26. A substitute notice on their web site explains: On November 27, 2017, we received a security incident report from our EMR…
Aetna sues claims administrator KCC over botched notice in HIV case
Alison Frankel reports that Aetna is suing Kurtzman Carson Consultants for exposing plan members’ HIV status in envelope windows sent out in July as part of notifying members of settlement negotiations in other litigation matters. The privacy breach resulting from the exposure resulted in Aetna members experiencing a privacy breach involving sensitive information, and led…
UK: Hospital chiefs launch probe after boxes of patients’ notes left in ARI corridor for a week
Ewan Cameron reports: Health chiefs today launched a probe after boxes of patients’ private health records were left unattended in a hospital corridor for a week. A shocked member of the public spotted at least six boxes of documents, including patients’ notes, sitting in Aberdeen Royal Infirmary (ARI) and contacted the Evening Express. After we…