Tallaght Hospital in Dublin has now admitted that patient medical records have been the subject of unauthorised access and disclosure. In a letter to hospital consultants on outsourcing the transcription of patient medical reports and letters for GPs, the hospital has also conceded that while it was the policy not to identify patients, this policy…
Category: Health Data
New River Health Association breach highlights a source of confusion in HHS breach tool
I love HHS’s breach tool, but it remains a source of frustration. Consider this newly added entry: “New River Health Association ,WV,,950,4/1/2011,Unauthorized Access/Disclosure,Paper,,” We know who, we know how many, we know when, but we don’t know what data types were involved, and for those who try to analyze breach data, there’s a big difference…
Stolen SilverPop laptop results in notifications
The name “SilverPop” may not seem familiar to some readers of this blog, but if you also read DataBreaches.net, you’ll recognize it as the name of an e-mail marketing service that got hacked a while back. As a consequence, a number of its clients wound up having to notify their customers that their email addresses had been…
ID: Pocatello Family Medicine responds to cyber security concern
Yet another incident where a firewall was disabled during maintenance and never restored. And although that’s bad enough, it’s a concern that it took 9 months to spot the problem. Where are the regular routine checks on security or don’t they include checking the firewall? Officials with Pocatello Family Medicine have sent letters notifying patients…
CA: Peninsula hospital reports medical records theft
Yet another hospital employee apparently walked out with records. Erin Allday reports: A mailroom employee at Mills-Peninsula Medical Center in Burlingame took home medical documents for roughly 1,500 patients over a nearly year-long period, the health care system announced today. Most of the records contained patient names and diagnostic test results, and 15 of the…
UK: Repeated failure to protect privacy of records results in an undertaking for Kirklees Metropolitan Council
When I saw that the Information Commissioner’s Office had required Kirklees Metropolitan Council to sign an undertaking following a breach, the name sounded familiar. But it turns out that it was not the stolen computer breach mentioned on DataBreaches.net two weeks ago, but an earlier breach that occurred in July 2010. From the undertaking: The…