Back in July, Ambucor Health Solutions reported a breach to HHS that affected 1,679 patients. Their report, submitted as a Business Associate, was coded as “Unauthorized Access/Disclosure – Email,” with the location of the data being “Other Portable Electronic Device.” That incident was included in Protenus’s breach barometer for July, but no additional details were…
Category: Health Data
Personal health information taken from locked area: Winnipeg Regional Health Authority (UPDATE 1)
Katherine Dow reports: The Winnipeg Regional Health Authority is set to release further details after personal health information was taken from a locked area earlier this month. The authority said those affected have been notified. This comes after the WRHA dealt with multiple security breaches in January. The first breach came on Jan. 14 when…
Anthem Breach Victims Go To Court Over Cybersecurity Audit Release
Dark Reading reports: Victims of a data breach at health insurer Anthem in February 2015 have filed a class-action lawsuit against the company and are seeking details of an audit by the U.S. Office of Personnel Management (OPM) on Anthem’s network security, Modern Healthcare reports. In the cyberattack, hackers compromised personal details of around 80…
NHS Trust cancels EVERY operation at three hospitals after its electronic system was hit by a computer virus attack
Abe Hawken reports on what sounds like it might be a ransomware situation (update: nope, it is not): All operations have been cancelled at three hospitals run by the same NHS Trust after a virus attack compromised their computer system. The system, which is run by Northern Lincolnshire and Goole NHS Trust, had to be shut…
UK: Former Solent NHS Trust employee prosecuted for Section 55 offense
From the Information Commissioner’s Office: A former administrative employee of Solent NHS Trust, Kayleigh Evans, has been prosecuted at West Hampshire Magistrates’ Court for accessing the sensitive medical records of a former girlfriend of her partner, without the consent of the data controller. The unlawful accesses to the records were over a 10 month period….
Three Warner Chilcott District Managers Sentenced for Healthcare Fraud
The following is a press release from the DOJ. But what it doesn’t explain is how the pharmaceutical employees accessed patient information. If they did so (write prior authorization) without the doctors’ knowledge and/or consent, how did they get access to the patient files? And how were they able to put brochures in patients’ files? Three former…