Back on July 23, Stephen R. Wigginton, United States Attorney for the Southern District of Illinois, announced: Ashley C. Drummond, 27, of Belleville, Illinois, and Susan L. Harris, 27, of Fairview Heights, Illinois, were indicted on July 19, 2012, by a Grand Jury in the United States District Court for the Southern District of Illinois, East…
Category: Health Data
LA: Almost 400 victims identified in massive identity theft scheme involving Louisiana State University hospital system employee
Michael Oliver reports: Seven Baton Rouge people are facing multiple charges, including identity theft charges, after a scheme that left nearly 400 victims in 12 states. State Police say Pamela Reams, worked in the billing department of the LSU Hospital System. She used her position to access several financial databases to obtain account information. She…
Grady issues correction to claim that ADPI breach went on for nine months
In response to inquiries initiated by this blog after noting a discrepancy between Grady’s statement and ADPI’s statement concerning the timeframe of the breach, Grady has just issued the following correction: Billing contractor data breach includes Grady EMS patient information Some Grady EMS ambulance service patients are being notified that selected personal information may have…
Three more breaches, and ignorance is definitely not bliss
Three additions to HHS’s breach tool, and so far, I can’t find anything on any of these breaches: “Surgical Associates of Utica, PC”,NY,”Quanterion Solutions, Inc.“,1017,9/18/2012,Theft,Network Server,11/16/2012,, “First Step Counseling, Inc.“,NJ,,638,5/1/2011-08/05/2011,Unauthorized Access/Disclosure,Paper,11/16/2012,, “CVS Caremark”,RI,,955,8/13/2012,Theft,Paper,11/16/2012,, I wonder if the First Step Counseling breach was an insider stealing patient data for tax refund fraud. I’d call and ask…
University of Virginia Medical Center reports lost handheld device held patients' personal and medical information (updated)
The University of Virginia Medical Center has posted a notice of a breach: The University of Virginia Medical Center and Continuum Home Infusion are committed to protecting the personal information entrusted to us by our patients and potential patients referred to us for care. Regrettably, this notice is regarding an incident involving some of that…
Did ADPI disclose enough in its notification and has it done enough for patients?
One of the things that happens with a blog like this one or DataBreaches.net is that an organization discovers that I’m covering their incident and starts checking my blogs to see what I’m writing. At the same time, I’m checking other sites to see what they’re saying. This week, I’m obviously focused on the ADPI…