Harrisburg Gastroenterology, Ltd. issued a press release yesterday that leaves a lot of questions unanswered: Harrisburg Gastroenterology, Ltd. announced today that it is notifying individuals related to a privacy incident involving certain patient information. On March 17, 2017, following an investigation of potentially suspicious system activity, Harrisburg Gastroenterology determined that an unauthorized individual could have…
Category: Health Data
UK: Fertility patient data breach fine would have been much higher under GDPR
John Bryan uses a recent monetary penalty by the Information Commissioner’s Office to contrast what might happen to fines under the GDPR. Fertility patients being treated at the Lister Hospital, part of the US-based HCA Healthcare group, discovered in April 2015 that transcripts of their confidential patient-doctor conversations were publicly available on the world wide web….
Greenway Health Reports Ransomware Attack (Updated)
From Greenway Health: TAMPA, April 24–An apparent criminal cyber attack that has affected a limited portion of its customers was reported today by Greenway Health to its affected customers, the company says. The incident involves “ransomware,” in which the attackers freeze access to data and offer to restore it in exchange for a ransom payment….
AU: Privacy breach costs $23,000 – but could have been worse
Alison Baker and Rhiannon Nixon of Hall & Wilcox write: The Office of the Australian Information Commissioner (OAIC) has ordered Comcare to pay a Defence Force employee $23,000 after it inadvertently published on its website personal information, including sensitive health information, about the employee. For organisations with obligations under the Privacy Act 1988 (Cth), this…
Three Family Members in North Suburban Chiropractic Group Sentenced to Federal Prison in $10.8 Million Fraud Scheme
Sometimes patients are willing victims of misuse of their records. We generally don’t see the government prosecuting patients for participating in fraud schemes like the one described below by DOJ, but I almost wish that they occasionally would prosecute participating patients. Then, too, do these patients get counted as “medical identity theft” victims in the…
Man wanted for 17 burglaries in medical offices at Inova Fair Oaks; cash, iPads stolen
Nancy Chen reports: A man is wanted for 17 burglaries at medical offices on the Inova Fair Oaks Medical Campus, and police say cash and iPads were stolen on April 22 in Fairfax County, Virginia. Read more on ABC. So what was on those iPads? Any PII or PHI? We don’t yet know…..