Jennifer Baker reports: A doctor’s surgery in Hertfordshire has been fined £40,000 by the UK’s privacy watchdog for giving out personal medical information in breach of data law. Regal Chambers gave information about a woman and her family to her estranged ex-partner, despite staff at the practice being warned that this might happen. Read more on…
Category: Exposure
What HHS may not do, a state might
Back in June, 2014, this site noted two breaches disclosed by Rady Children’s Hospital in San Diego that involved patient data being disclosed to job applicants. Later that month, we learned that in the process of investigating the two known breaches, Rady uncovered two more such breaches. Rady duly notified HHS in June, 2014. More than two years later, there…
More details emerge on Jefferson Medical Associates incidents
So there’s a bit more to the incidents recently disclosed by Jefferson Medical Associates that I had reported here. Now WDAM reports that it was Chris Vickery who had discovered a misconfigured database and had alerted JMA. For their part, JMA is pretty much accusing Vickery of hacking them. Here we go again…. From WDAM’s…
State hospital patients upset over medical data leak
Gordon Friedman reports: Patients at the Oregon State Hospital‘s maximum security ward report being upset that their private medical information was improperly shared by a hospital psychiatrist. On June 9, a psychiatrist used a cell phone to photograph a patient census sheet and accidentally sent it to six people, said Joni DeTrant, medical records director at OSH. The census…
Carle health system warns of data breach due to vendor error
The Carle health system in Illinois issued this statement regarding a breach due to an unnamed vendor error: Notice to Our Patients Regarding Server Files Carle is committed to protecting the security and confidentiality of our patients’ information. This notice is to inform our patients about an incident involving some patients’ information. On June 14, 2016,…
Nordic Consulting Partners email gaffe exposes PHI
External counsel for Nordic Consulting Partners has notified the NH Attorney General’s Office of a breach: This Firm represents Nordic Consulting Partners, Inc. (“Nordic”) in connection with a situation where an email with the wrong attachment was inadvertently sent out to current and former Nordic employees. The attachment contained the personal information of the recipients…