Grand Street Medical Associates is a multi-disciplinary practice in Kingston, New York. At some point, what appears to be a vast amount of their patients’ protected health information was left exposed on an unsecured FTP server. The leak was discovered by a security researcher, who notified GSMA and then contacted DataBreaches.net on March 12. According…
Category: Health Data
Bozeman Health clerical snafu causes concern
Belgrade News reports: A clerical error occurred in a letter sent by Bozeman Health announcing the retirement of gastrointestinal physican Dr. Steven Shaneyfelt on Feb. 19, the agency reported. Patient names were not correctly matched with patient addresses, which resulted in 1,124 people receiving a letter with another name posted. Concerns arose regarding personal information…
KY: Ransomware incident at Methodist Hospital in Henderson (update2)
On March 15, Jessica Gavin reported: A cyber security breach, striking Methodist Hospital in Henderson. We’re learning the FBI is investigating this right now, but there’s some good news. [….] David Park, COO of Methodist, tells 14 NEWS the hackers have copied patients records and locked those copies. They’ve deleted the originals. “We’ve notified the FBI,…
Missing mental health assessments result in HIPAA notifications by VA to 373 veterans
I was skimming the Veterans Administration report to Congress on data breaches and incidents for February and thinking, “Hey, this looks pretty good this month,” and then…. I saw an incident involving the VA Midwest Health Care Network in St. Cloud, Minnesota. On February 9, a staff member conducted group meetings to complete a paper packet with…
NJ: Virtua Medical Group notifies 1,654 patients whose information was exposed on Internet (updated)
On March 11, Burlington County Times reported: Virtua Medical Group, the network of doctors exclusively affiliated with the South Jersey health system, reported Friday that patient information — including names and treatments over a five-year period — was accidentally released and viewable on the Internet in January. The medical group learned on Jan. 21 that…
NZ: Privacy review at Wellington Hospital after staffer caught snooping on records
Back in December, I noted an alleged breach at Wellington Hospital that was being investigated, but the name of the employee wasn’t provided, so it’s not clear whether that report is related to a new report out today by Ben Weather: A Wellington Hospital staff member has left after being caught accessing 33 patients’ records….