Torsten Ove reports: A Cuban national extradited last summer from Venezuela to face charges that he used hundreds of stolen UPMC employee identifications to file bogus tax returns for millions in refunds is prepared to admit to his crimes. Yoandy Perez Llanes, 32, and his public defender filed notice Monday that he will enter a…
Category: Health Data
Summit Reinsurance issues notice of breach discovered in August
Regular readers will realize that I’ve been reporting on the Summit Reinsurance breach since it first appeared in a covered entity’s disclosure back in November. Since then, I’ve been compiling and/or reporting on other entities affected by the ransomware attack that they discovered August 8, 2016. So seven months after discovery, they are first issuing a public…
UK: Nurse inappropriately accessed patient records for three years
STV reports: A night-shift nurse accessed the medical records of a colleague who was on sick leave. Lorraine Mcintosh faced disciplinary proceedings over her actions, which came to light when she was overheard discussing “blood test results and the reason for sick leave of another staff member” with a fellow employee. The nurse, who had…
VCU Health System notifies 2,700 of inappropriate access to their medical records
The Richmond Times-Dispatch reports: Virginia Commonwealth University Health System is notifying about 2,700 people that their or their minor child’s electronic medical records were inappropriately accessed over a three-year period. The university said it has no indication that the private health information has been used for any unintended purposes. The breach was found Jan. 10…
Brand New Day notifies 14,005 members after breach at vendor
From their press release of March 10: Universal Care, Inc. dba Brand New Day (BND) announced today that it has notified individuals related to a privacy incident involving information stored by a third-party vendor. The incident did not involve information that was stored or maintained on BND’s own systems. On December 28, 2016, BND learned…
Denton Heart Group notifies patients stolen hard drive held 7 years’ worth of PII/PHI
As seen on their site: Denton Heart Group (the “Clinic”), a member of HealthTexas Provider Network (HTPN) is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information. On January 11, 2017, we learned that an external computer hard drive was stolen from…