Benjamin Krause writes: VA OIG just reported that Palo Alto VA Health Care System unlawfully gave patient data to a private IT company despite employees not having cleared background checks. The watchdog investigated allegations that the Palo Alto VA informatics chief entered into an illegal agreement with a health care company called Kyron. VA OIG confirmed allegations…
Category: Health Data
Data breach lawsuit against former parent company of Flowers Hospital survives motion to dismiss
There’s a noteworthy update to a lawsuit against Triad of Alabama, the former parent company for Flowers Hospital, whose employee was convicted on both federal and state charges for stealing and trafficking in patient information for tax refund fraud. The breach and earlier developments in the lawsuit were covered on PHIprivacy.net. Today, Lance Griffin reports that the amended class…
Canadian physician facing disciplinary charges over snooping in patients’ records
There’s an update to a breach that I hadn’t read about back in June when it was first reported. The breach allegedly involves one doctor who improperly accessed two patients’ records held at Group Health Centre and Sault Area Hospital. But the allegations have some bizarre features, as SooToday reports: The hospital reported in June that an internal investigation into…
IE: Confidential patient files on street near hospital in Drogheda
BreakingNews.ie reports: Two investigations are underway after confidential patient files were found on a street in Drogheda. The files were discovered by a local man out walking near Our Lady of Lourdes Hospital, which says it takes the matter “extremely seriously”. It says all 44 patients affected will be met individually and a letter of…
Barrington Orthopedic Specialists, Ltd notifies patients after theft of equipment
Barrington Orthopedic Specials, Ltd in Illinois is notifying 1,009 patients following the theft of a laptop with protected health information. From their substitute notice on their web site: Barrington Orthopedic Specialists, Ltd. takes patient privacy very seriously, and it is important to us that you are made fully aware of a potential privacy issue. We have…
DEA obtains a federal search warrant for patient data on MicroMD
Justin Shafer pointed me to a case where the government, investigating a healthcare provider, served SaaS MicroMD with a federal search warrant for some patients’ data. You can read Justin’s write-up on his blog, but the case reminds us that patient data can be disclosed to law enforcement without patients’ awareness or consent, and that unencrypted patient…