From their notice posted yesterday on their web site: This letter is to inform you of a recent security incident that occurred on 4/15/16 at the Kern County Mental Health Administration offices. Our administration offices recently relocated. During the move, a report was inadvertently left behind in a vacated section of the building that had…
Category: Health Data
Ca: Patient privacy breached at Credit Valley Hospital after health records ‘improperly accessed’
Louie Rosella reports: Ontario’s Privacy Commissioner is investigating a privacy breach at Credit Valley Hospital after the personal health records of five patients were “improperly accessed” by an employee at a nearby medical building. One of the complainants, who asked not to be identified, said the hospital sent her and her husband a letter after…
Two more medical groups notifying patients of Bizmatics security incident
Unbelievable. Entities are still first notifying patients of the Bizmatics, Inc. breach. The North Ottawa Community Health System says it is erring on the side of caution following notification that the third-party electronic medical record company it uses for primary care patients might have had its computer servers breached. NOCHS spokeswoman Jen VanSkiver said the…
Ca: Eastern Health Authority reports stolen doctor’s briefcase contained patient files
Eastern Health Authority in Newfoundland has reported a second breach in three months. This one involves the theft of a physician’s briefcase. Their statement: June 8, 2016 – St. John’s, NL: Eastern Health advised today that it has experienced an accidental breach of privacy of 34 of its patients. The accidental breach occurred when a physician’s car…
House Energy And Commerce Committee Reviews Cybersecurity Practices At HHS
King & Spalding write: On May 25, 2016, the House Energy and Commerce Subcommittee on Health held a hearing to examine the Department of Health and Human Services’ (“HHS”) cybersecurity responsibilities. The hearing focused on legislation that would create a new office within HHS, the Office of the Chief Information Security Officer (“CISO”), consolidating information…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…