James Mayse reports for the Messenger-Inquirer: The names, Social Security numbers and dates of birth of thousands of people who visited the Green River District Health Department were available unsecured online for months, at least since October. But the company maintaining the computer database fixed the problem immediately Wednesday evening after being notified by the…
Category: Health Data
Second Circuit limits the right to medical privacy
We normally associate the constitutional right to privacy with abortion and other child-bearing and (and related) concepts. But that right also covers the right to avoid disclosure of certain personal matters, including medical information. This case asks whether a New York City schoolteacher could sue the Board of Education for publicizing her fibromyalgia. The answer…
Case Note 210870 [2010] NZ Priv Cmr 24 : Medical centre fails to establish identity of requester and discloses health information about a patient to their former partner
From the Office of the Privacy Commissioner of New Zealand: A man, M, who was involved in legal proceedings with his former partner, X, was a patient of a medical centre. The medical centre previously provided medical care to M and his family when he and X were still together. X visited the medical centre with…
UK: Dorset HealthCare Trust send confidential health faxes by mistake
Joanna Codd reports: Highly confidential faxes about people with mental health problems have been mistakenly sent to a Bournemouth business over a period of 18 months. Despite the business alerting officials to the problem, the documents have continued to arrive at the offices of Cole Valuations in Exeter Road at the rate of two or…
WA: HACKED: Kadlec notifying patients of computer server breach
From the staff of Tri-City Herald: Kadlec Regional Medical Center officials announced today that patients are being notified that one of the hospital’s computer servers containing brain scan and other patient studies was hacked in September. Files housed on the server included information including a patient’s name, birth date, age, gender, medical record number and…
Seacoast Radiology Computer Server Breached – 231,400 Patients Notified
From a Seacoast Radiology press release: Seacoast Radiology, PA discovered on November 12, 2010 that an office server containing personal patient data and billing information was accessed by an unauthorized third party. Access to this server was disabled immediately and an independent investigation concluded that unauthorized use of patient and billing data is unlikely. All patients…