Elizabeth Snell reports an update to a 2010 breach previously covered on this site: The Pennsylvania Superior Court recently dismissed claims in a healthcare data breach class action lawsuit, explaining that the trial court needs to review the plaintiff’s claim under the Uniform Trade Practices and Consumer Protection Law (UTPCPL). In the case Baum v. Keystone Mercy Health…
Category: Health Data
Florida Hospital Medical Group notifies patients after transcription service error
Florida Hospital Medical Group recently notifed HHS of a breach affecting 1,906 patients. Although the breach reportedly involved a transcription service, the entry on HHS’s public breach tool does not indicate any business associate was involved. In digging into this report, I found that the Orlando Sentinel had reported the incident on April 8: If you’re…
Settlement reached in lawsuit after laptop stolen from Edmonton Medicentre
Bill Mah reports that a lawsuit filed after a 2013 Medicentres breach has settled. The incident involved a laptop with information on 620,000 Albertans being stolen from the clinic. The laptop belonged to an employee of their IT consultant, AbleIT Inc. The Privacy Commissioner would later rule that the clinic had failed to adequately protect their…
Vibrant Body Wellness notifies patients after burglar steals hardware with PHI
Seen on Vibrant Body Wellness: We were robbed! Literally. Yes, it’s sad but true — our office at Vibrant Body Wellness was broken into during the weekend of March 5th to March 8th. Things were stolen and no one was physically injured. We are grateful for that, and have been sorting through the violation and…
Is ransomware considered a health data breach under HIPAA?
Back in March, I blogged about the question as to whether a ransomware attack needed to be reported to HHS as a HIPAA breach. In that post, I quoted an HHS spokesperson who informed DataBreaches.net that a ransomware situation was an impermissible disclosure (because the attacker had access to the data even if the data weren’t…
MI: Former doctor’s office clerk sentenced for stealing patients’ identities
WZZM reports: A former doctor’s office billing clerk will spend time in prison for writing checks and applying for credit cards using information stolen from patients. Christine Ann Kroeze will spend between 4.5 and 14 years in prison on six felony convictions. Read more on WZZM. The accompanying video focuses on a sign that…