Greenwood Leflore Hospital in Greenwood, Mississippi has notified 3,750 patients after five bins of old x-rays with limited patient information was stolen from hospital grounds. From the notice posted on their website: Notice to Patients of X-Ray Films Made in 2007 or Earlier That Were Removed from the Hospital Without Authorization We are providing this…
Category: Health Data
Four more breaches reported by Baylor Health affiliates (updated)
[Update: The Irving incident affected 2,308 and the McKinney incident affected 1,253. Baylor Health declined to discuss their internal security policies, so we do not know if the doctors were violating any policy by having unencrypted PHI in their email accounts or if Baylor Health permits this.] Original article: After posting the two phishing reports from Baylor…
AHIMA offers data breach toolkit to healthcare providers and suits their action to their advice
Over on HealthITSecurity.com, Patrick Ouellette notes that American Health Information Management Association’s (AHIMA) recently published a Breach Management Toolkit. The tool requires an AHIMA membership, but the Journal of AHIMA detailed what the tool has to offer providers and a sample of required elements within a data breach notification letter. Patrick reports that the toolkit discusses five critical pieces of…
NY: Albany Medical Center nurse charged with stealing patient identities
Tim O’Brien reports: A nurse at Albany Medical Center is accused of stealing the identities of patients for at least a year and possibly as many as four, Sheriff Craig Apple said Wednesday evening. She and her live-in boyfriend then used the information to set up credit card accounts and to print fake bank checks, he said. The nurse was…
Boulder Community Health investigating patient records allegedly acquired from unlocked bins or dumpsters
Alex Burness reports on a situation that should concern patients: At least nine Boulder Community Health patients have had copies of their personal medical records stolen either from inside or nearby the hospital’s Foothills campus, then mailed to them by an anonymous source. It’s the third such breach the hospital has investigated since 2008. In…
Will Unearthing the FTC’s Data Security Standards Help the Health Care Industry?
Elizabeth Litten of Fox Rothschild writes: …. As described in prior posts on this blog, the Federal Trade Commission (FTC) has brought numerous enforcement actions against businesses based on its decision that the businesses’ data security practices were “deceptive” or “unfair” under Section 5 of the FTC Act. When I last checked the FTC’s website, there were 54…