A recent HHS settlement that included a relatively small monetary penalty, $31,000, didn’t seem to get a lot of media attention. Maybe today’s announced settlement stemming from a laptop theft that resulted in a steep monetary penalty will get attention? From HHS: The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced…
Category: Health Data
Healthcare records for sale on Dark Web
Ryan Francis reports on the cost of a medical record on the dark web, and it’s nice to see Flashpoint agreeing with what some of us have been saying for a while now – that the cost is generally about $1 per record – not the $200 figure you may have read in earlier reports…
Unencrypted patient info from 2008 left in a van, and…… yeah.
From their disclosure notice: Western Health Screening (“WHS”) is an organization that offers comprehensive blood screening tests. It partners with community organizations, such as hospitals, to provide onsite blood screenings at Health Fairs throughout the Western slope of Colorado. You have been a participant at Health Fairs in the past that were sponsored by either…
Atlantic Digestive Specialists notify patients of ransomware incident
On February 20, 2017, Atlantic Digestive Specialists (“ADS”) discovered that some of its systems were infected with ransomware. ADS removed the ransomware from the affected systems by February 22, 2017. ADS has been working diligently, with the assistance of third-party forensic investigators, to determine the full nature and scope of this incident. To date, the…
Iowa Veterans Home warns nearly 3,000 of data breach after phishing incident
In February 2017, Google and the State of Iowa were the target of multiple phishing email campaigns. The Office of the Chief Information Officer (OCIO) and the Iowa Veterans Home jointly responded and coordinated the recovery of the incident and worked together to implement additional measures to prevent a similar occurrence in the future. We…
RI: Lifespan notifying 20,000 patients after unencrypted laptop stolen from employee’s car
Lifespan is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information. To date, Lifespan has no indication that any patient information has been accessed or used by anyone as a result of this incident. Lifespan is investigating the theft of an employee’s…