Elizabeth Simpson reports that a person or persons managed to steal two portable hard drives with PHI from two electrophysiology labs at Sentara Heart Hospital in August: The August theft of two portable hard drives from Sentara Heart Hospital’s electrophysiology labs led hospital officials to send letters about a security breach this week to 1,040 patients….
Category: Health Data
UK: 3,634 patients hit by East Sussex Healthcare Trust data breach
The Hastings & St. Leonards Observer reports that one of the trust’s consultants lost a thumb drive with data on over 3,600 patients. Hospital papers have revealed the confidential details of more than 3,500 patients were discovered on an unencrypted data stick. The incident was discussed at an East Sussex Healthcare Trust board meeting on…
Reports slam OCR’s poor oversight of HIPAA covered entities, breach followup efforts
If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…
Major Patient Privacy Breach Alleged At Palo Alto VA
Benjamin Krause writes: VA OIG just reported that Palo Alto VA Health Care System unlawfully gave patient data to a private IT company despite employees not having cleared background checks. The watchdog investigated allegations that the Palo Alto VA informatics chief entered into an illegal agreement with a health care company called Kyron. VA OIG confirmed allegations…
Data breach lawsuit against former parent company of Flowers Hospital survives motion to dismiss
There’s a noteworthy update to a lawsuit against Triad of Alabama, the former parent company for Flowers Hospital, whose employee was convicted on both federal and state charges for stealing and trafficking in patient information for tax refund fraud. The breach and earlier developments in the lawsuit were covered on PHIprivacy.net. Today, Lance Griffin reports that the amended class…
Canadian physician facing disciplinary charges over snooping in patients’ records
There’s an update to a breach that I hadn’t read about back in June when it was first reported. The breach allegedly involves one doctor who improperly accessed two patients’ records held at Group Health Centre and Sault Area Hospital. But the allegations have some bizarre features, as SooToday reports: The hospital reported in June that an internal investigation into…