Category: Health Data

Reports slam OCR’s poor oversight of HIPAA covered entities, breach followup efforts

Posted on by Dissent

If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…

Read more

Major Patient Privacy Breach Alleged At Palo Alto VA

Posted on by Dissent

Benjamin Krause writes: VA OIG just reported that Palo Alto VA Health Care System unlawfully gave patient data to a private IT company despite employees not having cleared background checks. The watchdog investigated allegations that the Palo Alto VA informatics chief entered into an illegal agreement with a health care company called Kyron. VA OIG confirmed allegations…

Read more

Data breach lawsuit against former parent company of Flowers Hospital survives motion to dismiss

Posted on by Dissent

There’s a noteworthy update to a lawsuit against Triad of Alabama, the former parent company for Flowers Hospital, whose employee was convicted on both federal and state charges for stealing and trafficking in patient information for tax refund fraud. The breach and earlier developments in the lawsuit were covered on PHIprivacy.net. Today, Lance Griffin reports that the amended class…

Read more

Canadian physician facing disciplinary charges over snooping in patients’ records

Posted on by Dissent

There’s an update to a breach that I hadn’t read about back in June when it was first reported. The breach allegedly involves one doctor who improperly accessed two patients’ records held at Group Health Centre and Sault Area Hospital. But the allegations have some bizarre features, as SooToday reports: The hospital reported in June that an internal investigation into…

Read more