John Bryan uses a recent monetary penalty by the Information Commissioner’s Office to contrast what might happen to fines under the GDPR. Fertility patients being treated at the Lister Hospital, part of the US-based HCA Healthcare group, discovered in April 2015 that transcripts of their confidential patient-doctor conversations were publicly available on the world wide web….
Category: Health Data
Greenway Health Reports Ransomware Attack (Updated)
From Greenway Health: TAMPA, April 24–An apparent criminal cyber attack that has affected a limited portion of its customers was reported today by Greenway Health to its affected customers, the company says. The incident involves “ransomware,” in which the attackers freeze access to data and offer to restore it in exchange for a ransom payment….
AU: Privacy breach costs $23,000 – but could have been worse
Alison Baker and Rhiannon Nixon of Hall & Wilcox write: The Office of the Australian Information Commissioner (OAIC) has ordered Comcare to pay a Defence Force employee $23,000 after it inadvertently published on its website personal information, including sensitive health information, about the employee. For organisations with obligations under the Privacy Act 1988 (Cth), this…
Three Family Members in North Suburban Chiropractic Group Sentenced to Federal Prison in $10.8 Million Fraud Scheme
Sometimes patients are willing victims of misuse of their records. We generally don’t see the government prosecuting patients for participating in fraud schemes like the one described below by DOJ, but I almost wish that they occasionally would prosecute participating patients. Then, too, do these patients get counted as “medical identity theft” victims in the…
Man wanted for 17 burglaries in medical offices at Inova Fair Oaks; cash, iPads stolen
Nancy Chen reports: A man is wanted for 17 burglaries at medical offices on the Inova Fair Oaks Medical Campus, and police say cash and iPads were stolen on April 22 in Fairfax County, Virginia. Read more on ABC. So what was on those iPads? Any PII or PHI? We don’t yet know…..
Ca: William Osler Health System says staff member inappropriately used patient info
Codi Wilson reports: William Osler Health System says an internal investigation has been launched after an employee allegedly accessed patient records to obtain narcotics. In a statement issued Tuesday, William Osler Health System said that earlier this week, it notified patients about the data breach. According to the statement, a staff member allegedly used patient…