By Blythe Bernhard A security breach at BJC HealthCare left personal information on 33,420 patients potentially available to the public, a company spokeswoman said today. The patients’ medical records, names, addresses, telephone numbers, dates of birth, Social Security numbers, drivers license numbers, medical and insurance information were accessible through the Internet from May 9, 2017,…
Category: Health Data
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
CO: Front Range Dermatology Associates notifies patients of insider-wrongdoing incident
Tommy Wood reports: Front Range Dermatology Associates, which has locations in Greeley, Loveland Fort Collins and Fort Morgan, suffered a breach of medical records in January, the company announced in a news release. The compromised data includes patients’ names, medical record numbers, dates of service, billing codes, names of insurance companies and dates and amounts…
Officials: 2 ex-Florida Hospital employees stole, sold patient records
Jeff Deal and Jason Kelly report: Federal investigators said two former Florida Hospital employees stole and sold an unknown number of patient records. The hospital said it wouldn’t comment on the allegations because of a pending lawsuit, but Channel 9’s Jeff Deal uncovered a civil lawsuit against the hospital, which is separate from the criminal case,…
Insider Threat Seriously Undermining Healthcare Cybersecurity
I don’t agree that insider threats are more of a problem than external threats, but I am glad to see insider threats – including “human error” incidents get more attention. Jai Vijayan reports: The healthcare industry’s ability to defend against cyberthreats is being seriously undermined by its own workforce, according to two separate reports released…
Flexible Benefit Service Corporation notifies 5,123 of phishing incident
Illinois-headquartered Flexible Benefit Service Corporation (“Flex”) is a general agency and benefit administrator serving insurance brokers, employers and insurance carriers. As such, they are a Business Associate to HIPAA-covered entities. The follow is from their notification of a security incident that was reported to HHS on February 16, as impacting 5,123 people. Flex does not indicate…