Howard Anderson writes: My fingers are crossed that the final version of the federal breach notification rule greatly clarifies when a breach has to be reported to the individuals affected as well as federal authorities. I hope the final version states in the simplest possible terms that the federal law supersedes state laws, unless the…
Category: Health Data
KPMG employee loses unencrypted flash drive with patient info on 3,630
An accounting firm used by the Saint Barnabas Health Care System and its affiliated hospitals in New Jersey has reportedly lost an unencrypted flash drive that may have contained some patients’ names as well as information about their health care. In a notice on their web site, the hospital states that the flash drive lost…
Second SunBridge Healthcare Corp data breach in as many months
SunBridge Healthcare Corporation has experienced another theft involving protected health information. On August 25, the company posted a press release to its site indicating that a BlackBerry containing unencrypted information about current and former residents and patients from eight Georgia nursing and rehabilitation centers was stolen from an employee’s desk on June 26, 2010. The…
Another data breach involving NYU School of Medicine?
The NYU School of Medicine Aging and Dementia Clinical Research Center informed HHS last week about a data breach that reportedly occurred on or about April 3 when a portable electronic device containing protected health information on 1,200 patients was lost. I cannot find any information on their site about this incident at this time…
Mayo Clinic worker fired for snooping on patient records
Jeff Hansel reports that the Mayo Clinic has fired an employee for snooping into medical and financial records over a period of four years: The employee worked in the Mayo financial business unit in Arizona and once worked in Rochester. An estimated 1,700 patient records were accessed, said Mayo spokesman Chris Gade, noting the employee…
Lucile Packard Children's Hospital Appeals CDPH Fine (updated)
For Release: September 09, 2010 PALO ALTO, Calif. — Lucile Packard Children’s Hospital at Stanford is appealing a California Department of Public Health (CDPH) penalty. The CDPH on April 23, 2010, after the self-reporting of a security incident by Packard Children’s, alerted the hospital that a fine of $250,000 was being levied as a result…