Lancaster Online reports: Penn State Hershey Medical Center said it has notified 1,801 patients of a privacy breach, after it was discovered an employee had been working with protected health information from his home computer. Officials at the hospital said in a press release Friday afternoon that results of an extensive internal investigation give no…
Category: Health Data
Breach of patient records investigated by UC Irvine Medical Center
Statement from UC Irvine Medical Center: June 17, 2015 On March 13, 2015, officials at UC Irvine Medical Center discovered that an employee, whose job required access to some patient records, had looked at additional records without a job-related purpose between June 2011 and March 2015. As far as it is possible to determine, the…
Blue Shield of California notifies some members of exposure breach following software update
Software updates are an all-too-common source of breaches. Here’s another one, this involving Blue Shield of California. From their notification to the California Attorney General’s Office: As the (unintended) result of a computer code update Blue Shield made to the website on May 9, three users who logged into their own website accounts simultaneously with…
NY: Metropolitan Hospital Center notifies almost 4,000 patients of breach
The NYC Health and Hospitals Corporation is providing some powerful reminders of the importance of auditing and monitoring employee emails. Last month, I noted that they had detected breaches involving patients at Bellevue Hospital and Jacobi Medical Center. On June 1, HHC notified HHS of yet another email-related breach, this one involving Metropolitan Hospital Center….
Laptops stolen from National Seating and Mobility contained some patient information
National Seating and Mobility notified the New Hampshire Attorney General’s Office on June 12 of an incident that occurred on April 14, 2015 when two laptops, a smartphone, a backpack, and a briefcase were stolen from two employees’ locked work vans in Atlanta, Georgia. The incidents were immediately reported to the police and NSM was…
Rogue Equifax employee improperly accessed Rite Aid employees’ information
Pharmacy giant Rite Aid receives online paystubs, W-2s, and self-service applications from Equifax. In early March, Equifax notified Rite Aid that it had detected suspicious activity on some Rite Aid employee accounts. Equifax’s investigation resulted in a subsequent notification to Rite Aid on April 30 that an employee had misused their privileged access to reset…