Janine Rankin reports: A Palmerston North Hospital nurse who snooped on patients’ medical records has been censured by the Health Practitioners’ Disciplinary Tribunal. Elizabeth Raju was sacked in 2014 after a hospital audit revealed the confidentiality breaches. […] The Tribunal rejected Raju’s excuse that there was a culture at the hospital of health professionals looking…
Category: Health Data
Harbottle Surgery: NHS accused of data protection breach
Is this a case of good intentions paving the road to a data protection breach? Can the NHS just transfer a patient’s records to another practice without the patient’s consent, even if they mean well? BBC reports: NHS bosses have been accused of breaking data protection law by passing on medical records without consent. Harbottle…
Ex-director of Baton Rouge drug rehab admits to using patient info to get prescription pills
There’s an update to a case noted previously on this site. Emily Lane reports that Shanta Barnes pleaded guilty in federal court yesterday to charges of health care fraud and aggravated identity theft. The scheme, according U.S. Attorney Walt Green’s office, started in June 2009, at the latest, and lasted less than a year at the facility…
Even encrypted medical record databases leak information
Jeremy Kirk reports: A new study from Microsoft researchers warns that many types of databases used for electronic medical records are vulnerable to leaking information despite the use of encryption. The paper, due to be presented at the ACM Conference on Computer and Communications Security next month, shows how sensitive medical information on patients could be…
Calif. Jury Clears UCLA In $1.25M Medical Data Breach Suit
Bonnie Eslinger reports: The University of California, Los Angeles Health System was not responsible for the unauthorized release of a woman’s medical records by a romantic rival, a California jury decided Thursday, rejecting her lawyer’s arguments that the victim was due $1.25 million for emotional harm caused by the breach. Read more on Law360 (subscription…
Cancer Care Group settles HHS charges over “widespread noncompliance” with HIPAA Security Rule; $750,000 fine and corrective action plan
In August 2012, I noted a breach involving the theft of backup media from an unattended vehicle of a Cancer Care Group employee. The backup contained information on 55,000 patients and employees. Now, more than three years later, HHS has announced a settlement with CCG over the breach. As seems to be their style, they…