Statement from UC Irvine Medical Center: June 17, 2015 On March 13, 2015, officials at UC Irvine Medical Center discovered that an employee, whose job required access to some patient records, had looked at additional records without a job-related purpose between June 2011 and March 2015. As far as it is possible to determine, the…
Category: Health Data
Blue Shield of California notifies some members of exposure breach following software update
Software updates are an all-too-common source of breaches. Here’s another one, this involving Blue Shield of California. From their notification to the California Attorney General’s Office: As the (unintended) result of a computer code update Blue Shield made to the website on May 9, three users who logged into their own website accounts simultaneously with…
NY: Metropolitan Hospital Center notifies almost 4,000 patients of breach
The NYC Health and Hospitals Corporation is providing some powerful reminders of the importance of auditing and monitoring employee emails. Last month, I noted that they had detected breaches involving patients at Bellevue Hospital and Jacobi Medical Center. On June 1, HHC notified HHS of yet another email-related breach, this one involving Metropolitan Hospital Center….
Laptops stolen from National Seating and Mobility contained some patient information
National Seating and Mobility notified the New Hampshire Attorney General’s Office on June 12 of an incident that occurred on April 14, 2015 when two laptops, a smartphone, a backpack, and a briefcase were stolen from two employees’ locked work vans in Atlanta, Georgia. The incidents were immediately reported to the police and NSM was…
Rogue Equifax employee improperly accessed Rite Aid employees’ information
Pharmacy giant Rite Aid receives online paystubs, W-2s, and self-service applications from Equifax. In early March, Equifax notified Rite Aid that it had detected suspicious activity on some Rite Aid employee accounts. Equifax’s investigation resulted in a subsequent notification to Rite Aid on April 30 that an employee had misused their privileged access to reset…
Medical Informatics Engineering hacked; patient info involved
AP reports: A Fort Wayne medical software company is notifying patients of health care providers it serves that their private information might have been exposed when its networks were hacked, it said Wednesday. Medical Informatics Engineering said the attack on its main network and its NoMoreClipboard network began May 7 and wasn’t detected until May…