There’s an update on a breach reported in August, 2017. CBS reports: CVS Health is being sued for allegedly revealing the HIV status of 6,000 patients in Ohio. A federal lawsuit claims CVS mailed letters last year that showed the status of participants in the state’s HIV drug assistance program through the envelopes’ glassine window….
Category: Health Data
MA: Cambridge Health Alliance notifying patients after law enforcement alerts them to stolen data
They say that they’re not yet sure how a breach involving patient data happened, but Cambridge Health Alliance in Massachusetts was notified by the police that three electronic patient files had been found in possession of an unauthorized party. CHA learned of the breach on January 31, and opened their own investigation, which revealed that…
CareFirst phishing attack could affect 6,800 members
Morgan Eichensehr reports: CareFirst BlueCross BlueShield, Maryland’s largest health insurer, has been the victim of a “phishing” email attack that potentially affected 6,800 of its members. This breach comes about three years after CareFirst weathered another cyberattack that affected more than 1 million of its members. The Baltimore company has 75 percent market share in the…
NY: Arc of Erie County exposed client info for more than 2 years due to coding error
March 9, 2018 The Arc Erie County New York (The Arc) was recently made aware that certain information contained on two spreadsheets stored on its database was publicly available on the internet between approximately July 2015 and February 15, 2018 due to a problem with a link on The Arc’s website. This issue appears to…
NY: Middletown Medical dealing with data breach
Daniel Axelrod reports: Middletown Medical recently discovered the practice’s staff may have accidentally disclosed an unspecified amount of its patients’ personal health information in January, the provider announced Thursday. “On January 29, 2018, we learned that the security setting on a Middletown Medical radiology interface may have permitted users to see a patient listing and,…
AU: Health department breached Privacy Act in 2016 incident
AAP reports: The federal health department breached the Privacy Act when it released data about one in 10 Australians and didn’t adequately protect their identities. In August 2016 the department published data on a government website regarding a 10 per cent sample of people who had made a claim for payment of Medicare benefits since…