Adam Poulisse reports: A computer hard drive containing patient information was stolen from FHN Memorial Hospital in December. The hard drive did not contain medical records, but did have internal reports and spreadsheets with patient data, according to a FHN news release. The files may have included a patient’s name, Social Security number, contact information,…
Category: Health Data
BJC HealthCare Accountable Care Organization Notifies Patients of Unencrypted Email
(Feb. 26, 2016, ST. LOUIS) – BJC HealthCare Accountable Care Organization (BJC ACO) has notified 2,393 patients that identifying information was sent to a participating medical practice through an unencrypted email. All affected patients have been offered identity theft protection free of charge. BJC ACO discovered on Dec. 30, 2015, that an email containing health information…
HIPAA Covered Entities Not Responsible For Intercepted Transmission of PHI When Individual Requested Unsecured Transmission, Office for Civil Rights Concludes
Joseph Lazzarotti of Jackson Lewis highlights an important note in recent OCR guidance: What is a covered entity’s obligation under the Breach Notification Rule if it transmits an individual’s PHI to a third party designated by the individual in an access request, and the entity discovers the information was breached in transit? If a covered…
Federal Times obtained and analyzed 26,381 security incidents reported by HHS components over a 30-month period
Kudos to Federal Times, who obtained a tremendous amount of data from HHS about security incidents involving their component systems. Aaron Boyd reports on their analysis of data, which was obtained through a Freedom of Information request. The analyses look at types of attacks by components of HHS. Here’s some of their analysis and findings: The records…
Giants player Jason Pierre-Paul should lose his case against ESPN and reporter Adam Schefter, but will he?
I’ve been hoping some lawyer(s) would discuss the lawsuit filed by Jason Pierre-Paul (“JPP”) against ESPN and Adam Schefter because frankly, although I wasn’t happy that Schefter posted a medical record – and Schefter later acknowledged there’s an issue of sensitivity here – I can’t see how any lawsuit against the journalist could prevail because…….
Radiology office mistakenly reveals 603 mammogram patients’ names
I’m not a fan of postcard appointment reminders for patients, as they expose the fact that the named individual is a patient of a particular doctor or practice – and sometimes, that, in and of itself, reveals more than I would want to see revealed. But under HIPAA, postcard reminders are not barred, and patients…