Catherine Ho reports: The personal information of nearly 900 patients of San Francisco General and Laguna Honda hospitals was breached after a former employee of one of the hospitals’ vendors got unauthorized access to the data, the San Francisco Public Health Department said Friday. The data included patients’ names, dates of birth, medical record numbers…
Category: Health Data
Cerebral Palsy Research Foundation of Kansas notifying 8,300 clients after discovering data had been exposed for 10 months
The Cerebral Palsy Research Foundation of Kansas, Inc. posted the following notice on its site about a breach. According to their report to HHS, the incident resulted in the notification of 8300 clients. May 9, 2018 To CPRF Clients: We are writing to notify CPRF clients of a privacy incident involving demographic data for those…
UK: Patients’ data released in Oswestry orthopaedic hospital breach
Lisa O’Brien reports: The trust running Oswestry’s orthopaedic hospital has reported a data breach involving patients who were involved in a long-standing study. An investigation has been launched after Robert Jones and Agnes Hunt Orthopaedic Hospital NHS Foundation Trust reported the breach to the Information Commissioner’s Office. […] It is understood that the data breach…
The Oregon Clinic notifies patients after employee email account hacked
From their press release: The Oregon Clinic announced today that a data security incident may have affected protected health information (PHI) within an email account. On March 9, 2018, The Oregon Clinic learned that an unauthorized third party accessed an email account. The Oregon Clinic immediately disabled the unauthorized access to the account and began…
Protection of Patient Health Information at Navy and Air Force Military Treatment Facilities
Audit: DODIG-2018-109 (pdf) From the audit’s findings: Officials from the DHA, Navy, and Air Force did not consistently implement security protocols to protect systems that stored, processed, and transmitted EHRs and PHI at the locations tested. Specifically, we identified issues at the Naval Hospital Camp Pendleton; San Diego Naval Medical Center; USNS Mercy; 436th Medical…
HIV Patient’s Records Leaked, UAMS Fires 3
KARK reports: University of Arkansas Medical Sciences fired three employees over sharing an HIV patient’s private medical information. The records included the patient’s name, age, surgical history, HIV status and employment information. The hospital says the employees were fired after being accused of violating their HIPAA oath. “We took action right away,” said Vice Chancellor…