WRAL reports that the North Carolina Department of Health & Human Services has had a second breach involving hundreds of Medicaid patients. It was the second time in as many months that an employee error involving unencrypted e-mail resulted in exposure of patient information. This time, the breach reportedly affected 524 patients. Officials said they have installed…
Category: Health Data
NJ: Personal records left unprotected at shuttered Brisbane center
Mike Davis reports: Inside the former Arthur Brisbane Child Treatment Center sat piles of cardboard boxes, turning the former psychiatric hospital into a makeshift storage facility. The files contained within run the gamut of both state employees and Brisbane patients, including personal information such as social security numbers, medical history and banking information. The only problem? The…
FTC v. LabMD ruling issued: FTC loses data security enforcement case (Update2)
In a data security enforcement action that some have characterized as a modern version of David vs. Goliath, David won today, and the FTC lost. It was an enforcement action that the FTC never should have commenced, as I’ve argued repeatedly, and today’s loss may actually make future enforcement actions more difficult for them as the standard for demonstrating…
FBI alerts Owensboro Health to Breach at Muhlenberg Hospital; Breach Began in January, 2012
The breach in question may have begun in January, 2012, years before OH Muhlenberg acquired Muhlenberg Community Hospital, but it potentially impacted all patients, all payment guarantors, employees and some credentialed providers after that date and before OH Muhlenberg learned of the breach and contained it. This incident does not yet appear on HHS’s public…
WI: Dean Health Plan notifies 960 members after data lost in transit
WKOW reports: Officials with Dean Health Plan say protected health data for nearly 1,000 members may have been breached after some documents sent to a bank were lost in transit. They say the affected documents included member identification numbers, member names, and procedure codes – no Social Security numbers or other financial information. Read…
TX: Employee with “retaliatory agenda” stole potentially 16,000 children’s medical records
HIPAA Journal reports: An investigation conducted by Children’s Medical Clinics of East Texas has revealed a former employee took copies of children’s medical records and disclosed them to a third party. According to the breach report posted on the healthcare provider’s website, the privacy breach was caused by an individual with “a retaliatory agenda against…