Following a story in today’s Columbus Dispatch, reported earlier today on this blog, Grant Medical Center has issued the following press release and substitute notice on its web site: POTENTIAL SECURITY BREACH AT GRANT COLUMBUS, Ohio – On November 5, 2010, Grant Medical Center discovered that out-of- service computers were stolen from an inventory storage…
Category: Health Data
Missing Heraeus backup tapes contained medical info
Through its lawyers, Heraeus Incorporated notified the New Hampshire Attorney General’s Office on December 29 of a security breach. According to the letter, the company noticed on November 18 that a steel cabinet that contained a safe with backup tapes was missing. The company believes (but cannot be sure) that the cabinet was discarded…
Seabury & Smith service reports security breach
Marsh U.S. Consumer, a Seabury & Smith service, recently reported a security breach to the New Hampshire Attorney General’s Office. The benefits plan provider reported that due to a programming error and transmission of incorrect URLs, a dedicated server for its client, ITT Corporation, was exposing some ITT employees’ benefits plan personal information to other employees who…
(update) Riverside Mercy Hospital breach reported to HHS
An incident previously reported on this blog involving paper records left behind and exposed at the now-closed Riverside Mercy Hospital has been reported to HHS. As an example of how confusing HHS’s breach log tool can be without additional details, here is the log entry: Riverside Mercy Hospital and Ohio/Mercy Diagnostics,OH,,1000,11/15/2010,Improper Disposal,Paper Records,1/4/2011 Based on…
Periodontist’s server hacked, patients notified
A periodontist from Germantown, Maryland has notified HHS of a security breach that affected 1,000 patients. A web site about the breach, created by ID Experts, describes the incident: On October 14, 2010, when the computer system of the dental Practice of Gary C. Spinks, DMD, PC, shut down, the Practice learned that a hacker had…
PinnacleHealth notifies patients that a medical transcription service breach exposing patient records went undetected for two years
Another breach involving a transcription service. This time, it’s PinnacleHealth System in Pennsylvania, who recently reported an incident to HHS involving Gair Medical Transcription Services. On December 17, PinnacleHealth issued a press release that indicates that the breach may have occurred back in 2008, but was only detected when someone searching for something online stumbled across…