The New York State Psychiatric Institute, a facility owned and operated by the New York State Office of Mental Health, has reported the following incident to HHS as impacting 21,880 research participants: On June 17, 2016, New York State Psychiatric Institute (NYSPI) learned that, between April 28 and May 4, certain parts of our system were accessed…
Category: Health Data
MO: Medical records for 238 Children’s Mercy Hospital patients stolen
KTTN reports that the medical records for 238 patients at Children’s Mercy Hospital were stolen from an employee’s locked vehicle on August 4. From their report, it sounds like the employee routinely needed to take records from facility to facility. They did not explain why those records could not have remained on a server that the employee…
AL: Lawsuit against Flowers Hospital could widen to include other alleged ID theft victims
Ken Curtis reports the latest developments in a lawsuit stemming from an insider breach for tax refund fraud. The former Flowers Hospital employee is currently serving a prison sentence, but now others want to join the potential class action lawsuit against the hospital. Curtis reports, in part: Legal documents show that Millender was in possession…
Harbin Clinic notifies patients that records stored at Iron Mountain are lost, missing, or destroyed
Seen on their web site: On August 2, 2016, Harbin Clinic was notified by document storage facility Iron Mountain, Inc., that several boxes of medical records are unaccounted for and/or are missing or destroyed from their Atlanta facility. Harbin Clinic engaged the data safety warehouse to maintain the privacy of our patients’ records, as Iron Mountain…
County-USC patients’ personal information stolen in car break-in
Abby Sewell reports: Files containing personal information on more than 700 patients treated at Los Angeles County-USC Medical Center were stolen when an employee’s car was broken into, county health officials said Monday. The break-in occurred in July. The county Department of Health Services released a statement after trying to notify the affected patients by mail. The…
Appalachian Regional Hospitals on emergency operations plan; computers shut down after malware injection
Daniel Tyson reports: Appalachian Regional Hospitals in Beckley and Summers County computer systems were breached Saturday afternoon, but company officials were tight-lipped as to the extent or what information was seized by the hackers. The hospitals’ parent company, Appalachian Regional Healthcare, issued a two-paragraph statement that their hospitals in West Virginia and Kentucky are on…