Attorney General Brian E. Frosh today announced that the Office of the Attorney General Consumer Protection Division entered into a settlement agreement with Visionworks, LLC, resolving an investigation into two data breaches the company experienced in 2014 that affected more than 72,000 Marylanders. Visionworks failed to properly secure consumers’ personal information while upgrading to fully encrypted…
Category: Health Data
Colorado notifies Medicaid patients of HIPAA breach
Denver, CO – The Department of Health Care Policy and Financing (the Department) announced today that protected health information was unintentionally disclosed in a recent mailing. Letters were mailed between May 25 and July 5, 2015 and contained protected health information (PHI) of individuals from 1,622 households. The problem was identified on July 1st when…
Blue Cross Blue Shield in Maryland sued over alleged security breach
Shaun Zinck reports: Blue Cross Blue Shield is being sued over an alleged breach of security that led to the release of patients’ personal information. Pamela Chambliss and Scott Adamson filed the lawsuit on Aug. 6 in U.S. District Court in Maryland against CareFirst Inc., doing business as Blue Cross and Blue Shield. The breach…
Court affirms dismissal of lawsuit against Advocate Medical Group over 2013 data breach
Ian Fullerton reports the latest development in a case that I’ve been following on PHIprivacy.net and this site since August 2013: Advocate Medical Group has been cleared in a case charging the organization with compromising patient privacy following a 2013 breach of its records. The lawsuit alleged that patients of Advocate had been put at…
Mass. pot dispensary accidentally shares patients’ email addresses
Adam Vaccaro reports: Buying medical marijuana in Massachusetts got a little less anonymous Thursday morning, when the state’s lone pot dispensary accidentally shared some of its patients’ email addresses with other patients. State health officials are investigating. Salem’s Alternative Therapies Group sent an email addressed “Dear Patient,” to 157 email addresses. A copy of the…
Lawrence General Hospital notifies patients after thumb drive discovered missing
Lawrence General Hospital in Massachusetts has sent notification letters to 2,071 patients after a thumb drive with patient information was lost. The notification was made August 7, almost two months after the hospital discovered that the drive was missing from a secured hospital laboratory. The drive had been last seen on June 6, and was discovered missing…