Okay, so two exemplars doesn’t prove any kind of trend, but I’m glad to see some entities now taking steps to reduce how much PHI is stored in employee email accounts. Here are two recent incidents, both reported to HHS in December: Healthcare Administrative Partners (HAP) is a Pennsylvania-based business associate under HIPAA. On December…
Category: Health Data
IL: Former Lurie Children’s employee wrongfully accessed patient data, hospital says
WLS reports: Ann & Robert H. Lurie Children’s Hospital of Chicago is notifying some of its patients about a former employee’s access of patients’ medical records. On Nov. 15, the hospital learned that between Sept. 10, 2018 and Sept. 22, 2019, an employee accessed certain patients’ medical records without a business reason to do so,…
TX: San Antonio mental health and substance abuse services provider hit by ransomware attack
Laura Garcia reports: A cyber attack has shut down the computer network at the Center for Health Care Services, Bexar County’s largest provider of mental health and substance abuse services. CEO Jelynne LeBlanc Burley confirmed Tuesday that the company’s system was included in a larger-scale cyber attack last week that’s under investigation by federal law…
NM: Portales hospital reports security breach after discovering malware on radiology server
ABC reports: Roosevelt General Hospital patients should keep an eye on their credit scores following a potential breach into the hospital’s secure systems containing personal information. RGH issued a public notice Monday regarding the potential theft of patients’ personal information that was discovered on Nov. 14. Read more on ABC.
Philadelphia hepatitis data exposure posed ‘no risk to confidentiality’ because of Inquirer notification, city says
Nathaniel Lash reports: The medical records of thousands of Philadelphians were not compromised, the city said, after The Inquirer notified the city’s Health Department of a data breach that attached positive hepatitis test results with intimate personal details. This finding comes after an investigation by the city’s Public Health Department and a team with the…
Healthcare startup Lyfebin exposed medical images; startup denies they were real or identifiable patient data
Zack Whittaker reports: Healthcare startup Lyfebin exposed thousands of medical imaging files, such as X-rays, MRI scans and ultrasounds. The Los Angeles-based healthcare startup allows doctors and medical staff to store medical images in its “secure environment,” per its website, allowing patients and doctors access from anywhere. This seems to be one of those situations…