Andrea Gunn reports yet another incident where Canadian medical marijuana users have been outed by a mailing gaffe. Veterans across Canada are reporting a security breach involving mail sent out by Veterans Affairs Canada that lets anyone looking at the outside of the envelope know it was issued under the federal medical marijuana program. Veteran…
Category: Health Data
Pager system hack resulted in HIPAA breach for Providence Health & Services
A while back, I was shown some live-streaming of a pager system that was being used in what appeared to be a hospital environment, as the pages included room numbers, patient medication information, etc. Unable to figure out what entity or organization was responsible for the system and the exposure as pages flew by rapidly,…
AL: Atmore Community Hospital fires employee who snooped on 1,000 patients’ records for more than one year
From The Atmore Advance: An Atmore Community Hospital employee was terminated for accessing the electronic record of approximately 1,000 patients without an appropriate work-related reason, according to a press release from Infirmary Health. The breach of the patients’ privacy was discovered during a routine audit on Nov. 18, Director of Marketing Lauren Giddens said in…
Hit by ransomware, Brandywine Pediatrics recovers quickly and notifies patients
Add Delaware-based Brandywine Pediatrics, P.A. to our growing list of healthcare entities hit by ransomware. The practice notified patients on December 23 that on October 25, they had discovered that their file server was inaccessible due to a computer virus. They did not indicate what type of ransomware was involved. Brandywine reports that were able…
Family & Sports Medicine center patient records remain inaccessible three months after ransomware attack
Add Desert Care Family & Sports Medicine in Casa Grande, Arizona to the list of health facilities who suffered a ransomware attack. But what happened to them has resulted in my updating my worst breaches of 2016 list. On December 20, the center notified HHS that 500 patients were being notified that their server had…
Southcentral Foundation notifies patients after employee email accounts hacked
Southcentral Foundation (SCF) in Alaska recently notified 14,719 individuals after two employees’ email accounts containing protected health information were hacked in October. According to their statement, SCF first became aware of a possible breach on October 18. Subsequent investigation by outside consultants determined that two employee email accounts had been accessed: one was vulnerable from Oct. 17-18, and the…