Audit: DODIG-2018-109 (pdf) From the audit’s findings: Officials from the DHA, Navy, and Air Force did not consistently implement security protocols to protect systems that stored, processed, and transmitted EHRs and PHI at the locations tested. Specifically, we identified issues at the Naval Hospital Camp Pendleton; San Diego Naval Medical Center; USNS Mercy; 436th Medical…
Category: Health Data
HIV Patient’s Records Leaked, UAMS Fires 3
KARK reports: University of Arkansas Medical Sciences fired three employees over sharing an HIV patient’s private medical information. The records included the patient’s name, age, surgical history, HIV status and employment information. The hospital says the employees were fired after being accused of violating their HIPAA oath. “We took action right away,” said Vice Chancellor…
FastHealth breach still first being disclosed to some clients’ patients
Ugh. The FastHealth breach is still dripping out with yet more people first being notified. This time, it’s Cullman Regional. There’s no provision in HITECH (at least as far as I know) that would require a business associate to make one public disclosure of how many patients, total, have to be notified about an incident….
WI: Class action lawsuit filed against UnityPoint over data breach disclosed in April
Ed Treleven reports: UnityPoint Health, which operates Meriter Hospital in Madison, delayed reporting a data breach and falsely told patients that information stolen during the breach did not include their Social Security numbers, according to a federal class-action lawsuit filed Friday. The lawsuit, filed in U.S. District Court in Madison, concerns a reported data breach…
Capital Digestive Care patient data exposed by vendor error
Sometimes by the time a notification appears on a state breach notification site, I’ve forgotten whether I ever reported it or not. Case in point: Capital Digestive Care in Maryland. I knew about it on February 22, and helped make the notification to them to get them to investigate it (it turned out to be…
1.13M Patient Records Breached From January to March 2018
Proprietary data from Protenus shows disclosed breaches are just one one-thousandth of the actual risk health systems routinely carry 1,129,744 patient records were breached between January and March 2018, according to new data released today in the Protenus Breach Barometer. Published by Protenus, an artificial intelligence platform used by top health systems to analyze every…