Earlier this month, I covered a VA privacy breach incident that had been reported in the Pittsburgh Tribune-Review. At the time, I noted that it was not clear to me whether the incident had been included in the VA’s monthly report to Congress as I hadn’t seen anything like that case mentioned. I wrote to…
Category: Health Data
UK: Met called after hackers send obscene emails from university database
Josh Halliday reports: The Metropolitan police has been called in after computer hackers gained access to a London university medical database, sending a string of expletive-laden emails to hundreds of its users. Unidentified hackers sent emails last week pretending that members of the university’s executive board were involved in a “recent child pornography sting” and…
Emory Healthcare posts statement about breach on its web site
A statement was posted today on Emory’s web site about a breach first reported yesterday: Emory Healthcare recently received notification from external law enforcement agents that 77 of our orthopaedics patients may have been victims of identity theft in May 2008 or January 2009. Please be assured that this was not a breach into the…
Emory Healthcare patient records used in tax refund fraud scheme (updated)
Emory Healthcare alerted thousands of patients about a fraud scheme Monday. Hospital officials said someone stole personal patient information and used that information illegally. Emory officials said 77 people had their social security numbers stolen and used in a tax return scam. Officials said 2,400 other patients were given 12 month identity protection in case…
Privacy and Security in Health Care: A fresh look
A new issue brief by Deloitte reviews previous research and generates figures based on breaches reported to HHS. This Issue Brief from the Deloitte Center for Health Solutions (DCHS): Provides an update about current and emergent privacy and security challenges in health care; Examines notable hot spots where current policies, rules, and regulations are a…
Coming in "under the line:" when breaches affect less than 500 individuals
In a blog post, “500 Is a Magic Number: Health Information Breaches Impacting 499 or Fewer Patients Likely Go Uninvestigated By OCR,” Colin J. Zick of Foley Hoag writes: In the recently-released fiscal 2012 budget for HHS, a dirty little secret has been acknowledged: the Office of Civil Rights does not have the resources to…