If you haven’t read it already, do read Theresa Defino’s excellent report from HCCA Compliance’s Report on Patient Privacy on JDSupra. It may be one of the most interesting — and most frustrating — reports I’ve read about OCR investigations. Why did I find it frustrating, you might wonder? Because of the lack of any…
Category: Health Data
UK: Hospital medic lost boxes of private patient data while conducting study without approval
Jonathan Humphries reports: A senior medic has been suspended after running a clinical trial using sensitive medical information without permission of his hospital. Miguel Martin Garcia, a band 8 physiotherapist at Liverpool Women’s Hospital, used patient consent forms headed with the trust’s branding and carted off boxes of patient records to a private practice. His decision…
San Diego Family Care discloses possible data breach
City News Service reports: San Diego Family Care announced Friday it has alerted current and former patients and employees about a computer security breach that may have involved their personal information. […] The issue came to light in December, when officials with SDFC and its business associate, Health Center Partners of Southern California, became aware…
University of Florida Health Shands notifies patients of privacy breach
University of Florida Health Shands officials have notified 1,562 individuals affected by a privacy incident involving a former employee who accessed medical records outside the scope of their duties between March 30, 2019 and April 6, 2021. Although this information did not involve Social Security Numbers, insurance details or other financial information, some demographic information…
IA: Wolfe Eye Clinic victim of Lorenz threat actors
There is no notice of any cyberattack on the web site of Wolfe Eye Clinic in Iowa, but the clinic has been investigating and addressing an alleged attack for more than one month now while patient care continues at their multiple locations. On April 1, threat actors known as Lorenz added the clinic to its…
UK: Edinburgh mental health clinic in probe after client information accessed in scam
James Delaney reports: An Edinburgh mental health clinic is at the centre of a probe into a data breach resulting in hundreds of client contact details being accessed as part of a phishing scam. Bosses at The Edinburgh Practice, which offers a range of psychological and psychiatric counselling, were accused of failing to properly notify patients of the…