SOUTH BEND, INDIANA – May 26, 2017 – Although unaware of any actual or attempted fraudulent misuse of patient information, Beacon Health System (“Beacon”) is notifying approximately 1,200 patients that records were accessed without proper authorization by a former employee. What Happened? After an audit of an employee access to medical records, Beacon discovered, on…
Category: Health Data
AU: Melbourne hospital in hot water as patients’ confidential medical records found on train
Aneeka Simonis reports: A Melbourne hospital has apologised after the confidential medical records of more than a dozen patients were found on a train. The Herald Sun understands the privacy breach, at the Northern Hospital in Epping, involved 16 patients. The documents, found recently on a South Morang line train, included patients’ names, home addresses, contact…
MolinaHealthcare.com Exposed Patient Records
Brian Krebs reports: Earlier this month, KrebsOnSecurity featured a story about a basic security flaw in the Web site of medical diagnostics firm True Health Group that let anyone who was logged in to the site view all other patient records. In that story I mentioned True Health was one of three major healthcare providers with…
University of Wisconsin Health: UW Health: Information on 2,036 patients compromised after data breach
UW Health says that 2,036 patients had information compromised after an employee’s email account was used by an unauthorized user. UW Health says they learned on March 28, 2017 that a breach of information happened on March 16, 2017. Officials say an unauthorized individual got access to an employee’s credentials and email account. UW Health…
Calling time of death on HHS’s “breach tool”
I was excited back in 2010 when HHS started posting breaches on what some would call the “wall of shame.” I knew that we’d only learn about breaches involving HIPAA-covered entities, but at least we were finally starting to get some actual data. Now, more than 6 years later, it’s become clear to me that it’s probably best to just call time of death…
Careless handling of HIV information jeopardizes patient’s privacy, costs St. Luke’s-Roosevelt Hospital Center $387k
The U.S. Department of Health & Human Services(HHS), Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on impermissible disclosure of protected health information (PHI). St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid HHS $387,200 to settle potential violations of the HIPAA Privacy Rule…