An update from Marco Chown Oved on the Rouge Valley Hospital insider breach reported last year: A former Rouge Valley Hospital clerk has pleaded guilty to stealing thousands of patient records and selling them to financial brokers over the course of more than a decade. Shaida Bandali, 61, who worked at Rouge Valley from 1995-2014,…
Category: Health Data
Boston University notifies medical research participants after server compromise
When a Boston University server was used to launch attacks against a system in Nova Scotia in May, the Nova Scotia network administrator contacted BU to alert them. BU’s month-long investigation revealed that one of its servers had been compromised – possibly by a hacker in Russia – in March 2015. Of note, the compromise…
“Small” breach, big impact, redux
In November 2013, I blogged about the case of a privacy breach at Northern Inyo Hospital that was so devastating to the patient that she was going to move away. The breach was a willful insider breach that impacted a custody dispute. That same year, and unbeknownst to most people, there was a lawsuit filed over another insider…
Chicago Woman Indicted For Stealing Identities Of Nursing-Home Residents
A Chicago woman sought federal tax refunds through a series of fraudulent returns she filed in the names of other people, including a number of nursing-home residents who had no knowledge that their personal information was being used, according to a federal indictment announced today. SHANTELL WINTERS, 28, prepared and electronically filed a dozen individual…
Ca: 900 patients affected by Saskatchewan’s Heartland Health Region privacy breach
The Star Phoenix reports: An employee has been terminated and roughly 900 patients are being notified following a privacy breach in Saskatchewan’s Heartland Health Region. According to a news release issued Thursday, a “detailed inquiry” was launched after the breach was reported in July. It found one employee inappropriately accessed personal health information of patients…
Merit Health Northwest Mississippi notifies patients of stolen records with identity information
Merit Health Northwest Mississippi (“the Hospital”) is notifying patients about an unauthorized removal of their health information from the Hospital. Affected patients have been mailed a letter with details related to this matter and information on accessing free credit monitoring and identity theft resolution services. On July 1, 2015, the Hospital was notified by law…