Elaine Edwards reports: The scope of a data breach involving confidential patient information is much wider than just Tallaght hospital in Dublin, the hospital’s acting chief executive has indicated. The hospital yesterday admitted there had been “unauthorised access and disclosure” of material sent to the Philippines for transcription. Its arrangement with Irish-based company Uscribe, which…
Category: Health Data
NHS security breach as patients' letters posted with security codes on envelopes
Martin Beckford reports: At least 216 letters have been posted with security codes for door entry and key safe boxes printed on the front of the envelopes. The confidential information is used by carers and nurses to gain entry to immobile patients’ homes. But it was wrongly added to records on the Personal Demographic Service, part…
IG: Contractor Improperly Accessed VA IT
Eric Chabrow reports: The Department of Veterans Affairs’ inspector general substantiated allegations left on a departmental hotline last summer that IT contractors without appropriate security clearances improperly gained access to the VA’s electronic health record system. Belinda Finn, assistant inspector general for audits and evaluations, wrote in an audit dated July 27, that contractor personnel improperly shared user accounts…
IE: Tallaght Hospital admits data breach
Tallaght Hospital in Dublin has now admitted that patient medical records have been the subject of unauthorised access and disclosure. In a letter to hospital consultants on outsourcing the transcription of patient medical reports and letters for GPs, the hospital has also conceded that while it was the policy not to identify patients, this policy…
New River Health Association breach highlights a source of confusion in HHS breach tool
I love HHS’s breach tool, but it remains a source of frustration. Consider this newly added entry: “New River Health Association ,WV,,950,4/1/2011,Unauthorized Access/Disclosure,Paper,,” We know who, we know how many, we know when, but we don’t know what data types were involved, and for those who try to analyze breach data, there’s a big difference…
Stolen SilverPop laptop results in notifications
The name “SilverPop” may not seem familiar to some readers of this blog, but if you also read DataBreaches.net, you’ll recognize it as the name of an e-mail marketing service that got hacked a while back. As a consequence, a number of its clients wound up having to notify their customers that their email addresses had been…