Tom Bolton reports that Cottage Health, which suffered a HIPAA breach in 2013 due to a vendor error (by InSync) that exposed over 50,000 patients‘ information, has suffered another exposure breach: Cottage Health’s efforts to protect the confidentiality of hospital patient records suffered a setback earlier this fall when one of its computer servers was found to be…
Category: Health Data
University of Rochester Medical Center settles NYS Attorney General charges stemming from HIPAA breach
Back in May, I noted that University of Rochester Medical Center was notifying 3,000 patients because a departing employee had taken patient information with her for her new employer to use to recruit patients. Now NYS Attorney General Schneiderman has announced a settlement with URMC over the HIPAA breach. The settlement requires the center to pay a $15,000…
State law claims in Anthem breach tossed because ERISA pre-empts
And yet another blow to would-be plaintiffs in data breach litigation: you can’t raise claims under state law if ERISA applies and covers all the claims. Joe Lustig reports: For the second time this year, the U.S. District Court for the Northern District of California has ruled that state law claims arising from Anthem’s February data…
OH: Thousands Of Medical Records Containing Confidential Info Found In Dumpster
Maureen Kocot reports: A good Samaritan says he was surprised when he discovered thousands of documents marked confidential in a dumpster. 10TV examined the documents and found medical records containing patients’ social security numbers, dates of birth, as well as detailed information about medical conditions and prescriptions. […] The Ohio Medical Board says it has…
IL: Mailing error by contractor discloses ‘limited’ personal info of 3,000 Centegra patients
Stephen DiBenedetto reports: Medical bills detailing “limited” personal information of 3,000 Centegra Health System patients recently were sent to the wrong addresses because of a mailroom error at a third-party contractor, a Centegra spokeswoman said. The mailing error happened Nov. 2 at MedAssets, a Georgia-based vendor Centegra contracts, during routine maintenance. A setting on automatic…
Ca: Alberta Children’s Hospital privacy breach leads to 26 charges
CBC reports: A privacy breach at the Alberta Children’s Hospital in Calgary has resulted in 26 charges being laid against a staff member. The incident was investigated by the Office of the Privacy Commissioner and the charges were laid under the Health Information Act. Read more on CBC News.