HIPAA Journal reports on the newly released IBM study: The 2020 Cost of Data Breach Report from IBM Security has been released and reveals there has been a slight reduction in global data breach costs, falling to $3.86 million per breach from $3.92 million in 2019 – A reduction of 1.5%. There was considerable variation in data…
Category: Health Data
Ca: Health records found at Fort Simpson dump may have been stolen: report
Katherine Barton reports a long-awaited update to a 2018 incident where the investigation was delayed due to backlog: The Northwest Territories’ privacy commissioner’s investigation into medical records allegedly recovered at the Fort Simpson landfill in 2018 point to someone stealing the files from a health and social services building in the community. CBC North first…
Privacy Breach at Central Health
A notice posted to their site: Central Health is announcing today that a former employee has inappropriately accessed the health records of approximately 240 individuals. “Central Health would like to apologize to each person who has had their privacy breached”, said Andree Robichaud, President and CEO of Central Health. “We take confidentiality and privacy very…
More pharmacy chains report HIPAA breaches linked to looting during protests
First it was Walmart disclosing that their pharmacies in stores in California and Chicago had suffered damage and theft by looters of medications ready for pickup with patient information on labels. Then it was CVS, who notified HHS that more than 21,000 patients’ information may have been compromised by looters who stole or accessed prescriptions…
Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
In April, 2017, Lifespan issued a statement disclosing a stolen laptop incident involving unencrypted protected health information. In at least two places in their statement they claim that they are committed to protecting the security and confidentiality of patient data. Today, OCR announced a settlement with Lifespan in which Lifespan is to pay more than…
University of Utah notifying patients after phishing attack
Did University of Utah Health really have three phishing incidents this year? Maybe not. I was confused when I saw a new listing on HHS’s public breach tool this week. The incident, reported to HHS on July 20, reportedly affected 10,000 patients and involved PHI located in email. As such, it seemed to match an…