To Report or Not Report Health Care Data Breaches December 11, 2020 Amanda Walden, PhD, RHIA, CHDA , Kendall Cortelyou-Ward, PhD , Meghan Hufstader Gabriel, PhD , Alice Noblin, PhD, RHIA, CCS, PMP The American Journal of Managed Care, December 2020, Volume 26, Issue 12 This study presents information regarding the decisions that health care privacy officers make about reporting a data breach, including…
Category: Health Data
Norwegian DPA imposes administrative fine to Østfold HF Hospital
From EDPB on November 25: The Norwegian Data Protection Authority has decided on an administrative fee of NOK 750,000 to Østfold HF Hospital. The background is that in the period 2013-2019, the hospital stored report extracts from patient records outside the safe zone. The case started with a notice of personal data breach from the…
Maine disability services provider notifies 3,000 patients after thwarting ransomware attack
Here’s another incident where patients are not being offered any mitigation services — in this case, presumably because the entity and its external IT vendor could not find any evidence that ransomware threat actors had ever accessed, copied, or exfiltrated any data. Employment Specialists of Maine is a service provider for adults with mental health…
Cedar Springs Hospital notifies patients of breach after state loses drive with patient data
Yesterday, Cedar Springs Hospital in Colorado issued a press release about an incident that involved the state. They explain: Cedar Springs Hospital recently received a request from its licensing agency, the Colorado Department of Public Health & Environment (“CDPHE”), for certain hospital records. As a licensed healthcare provider, Cedar Springs Hospital is subject to periodic…
Former Elgin Mental Health Center Employee Charged With Identity Theft
CBS Chicago reports: Illinois State Police announced Wednesday that they have arrested a former Elgin Mental Health Center employee on identity theft charges. Kayla Brown, 25, of Country Club Hills, has been charged with a total of four felony counts of identity theft. She is an employee of the Illinois Department of Human Services, which…
Cyberattack cost UVM Medical Center $1.5 million a day
Kate Jickling reports: The October cyberattack cost the University of Vermont Medical Center $1.5 million a day in increased expenses and lost revenue, hospital president Stephen Leffler said Tuesday. That “back of the envelope” calculation doesn’t include the cost of getting the system back up and running, he told reporters. Forty-two days have elapsed since…