Thomas Manch reports: An Auckland DHB lab technician has been censured after inappropriately prying into medical records. Rosalinda Zabala inappropriately accessed the medical records of patients, including a one-year-old, just short of 900 times in a three year period. Zabala, who worked for the DHB for more than 15 years, admitted her wrongdoing when confronted by management and lost her job in December 2014. Read more…
Category: Health Data
Central Ohio Urology Group hacked, PHI dumped: hacktivist (Updated)
A Ukrainian hacktivist claims to have hacked and dumped 156 GB of patient data from Central Ohio Urology Group in Ohio. The alleged hack was announced Tuesday morning by the @PravSector account, who posted an unredacted screen shot and a link to the data dump on Google Drive. The data fields in the screen shot…
Uncommon Care, PA notifies almost 14,000 patients of Bizmatics breach
Oh my. Another Bizmatics, Inc. client has been first notifying patients of the 2015 breach discovered at the end of 2015. This time it’s Uncommon Care, PA in Texas, and they had to notify 13,674 patients. Uncommon Care, PA is committed to protecting patient information. This commitment includes notifying patients if there is a possibility that…
American Family Care notifies 7,200 patients of breach involving PHI
American Family Care recently notified HHS of a breach affecting 7,200 patients. The breach was coded as “Unauthorized Access/Disclosure Electronic Medical Record,” with the location coded as “Other.” Pretty confusing, right? Here’s their statement that explains it: (Birmingham, AL – July 29, 2016) At American Family Care (AFC) we are committed to maintaining the privacy and…
Some recent additions to HHS’s breach tool
Sometimes it takes a while to find documentation on breaches posted on HHS’s public breach tool. Here are some details on two breaches added to their site this month: Blaine Chiropractic Center – MN On July 14, HHS posted an entry for Blaine Chiropractic Center in Minnesota that affected 1,945 patients. The incident was coded as…
University of Arkansas for Medical Sciences statement on missing patient records
So it appears that University of Arkansas for Medical Sciences had a breach back in January, but only this week (based on the notice’s metadata) posted something on their site about it: UAMS has been unable to notify approximately 15 patients regarding an incident that may have involved disclosure of their personal information. What happened?…