Another problem with mailing bills that results in a HIPAA breach. Physicians Health Plan of Northern Indiana, Inc. (PHPNI) posted an FAQ on December 18 about an incident affecting Indigo members. Their report to HHS indicates that 1,708 patients were affected. What happened? An error occurred in the assembly of a premium billing statement mailing on December 8,…
Category: Exposure
Allina Health Isles Clinic notifies more than 6,000 patients of improper disposal of their records
First, the notice from Allina Health in Minnesota: This notice concerns a privacy situation that occurred at the Allina Health Isles Clinic, located at 2800 Hennepin Avenue, Minneapolis, MN 55408. On October 27, 2015, Allina Health discovered that in limited circumstances, containers which may have had documents with patient information were being emptied into a…
NY dermatologist notifies patients after email error exposes PHI
Add Mary Ruth Buchness, M.D. to the list of medical practices that have reported a breach in 2015. On December 12, she submitted a copy of her notification letter to patients to the Vermont Attorney General’s Office. A copy of the notice is also prominently linked from her web site. Dr. Buchness writes, in part:…
Florida Agency For Healthcare Administration records with PHI sent to landfill by mistake
From Florida’s Agency for Health Care Administration, Dec. 21: HIPAA Notice of Improper Disposal of Protected Health Information. The Agency for Health Care Administration has determined that certain inspection records which may contain protected health information were improperly disposed of on November 12, 2015. On November 13, 2015, the Agency discovered that old inspection records of…
[Hello Kitty Update] Security Advisory: Corrected a vulnerability involving personal information of SanrioTown.com members
As noted in an update to my first post, Salted Hash learned that this incident potentially impacted over 186,000 children under the age of 18. Here is Sanrio’s statement from their SanrioTown web site: Sanrio Digital notifies that personal information belonging to members of the consumer website SanrioTown.com was publicly accessible owing to a security vulnerability….
Misconfigured database may have exposed 1.5 million individuals’ PHI: researcher (UPDATE2)
Alliance Health is a technology company that owns and operates a group of condition-specific social communities with over 1.5 million registered members. Their 29 communities include conditions such as arthritis, diabetes, Crohn’s, asthma, allergies, and HIV, but also includes mental health conditions such as ADHD, Bipolar Disorder, and anxiety disorders. To join a community, the member is…