From their web site: Montefiore Health System is notifying certain patients about a security incident involving information that was stolen by a former employee. The employee compromised the information of 12,517 patients, which included names, addresses, dates of birth, Social Security numbers, next of kin information, and health insurance details. The theft occurred between January 2013…
Category: Health Data
Seek and ye shall find: CareFirst notifies brokers and members of 2014 breach
Sometimes doing the right thing can be costly. In the wake of increasing attacks on health insurers (e.g., Anthem, Premera), CareFirst BlueCross BlueShield retained Mandiant to do an end-to-end assessment of their information security environment. The assessment included multiple scans to determine if there was any evidence of any attack. On April 21, 2015, Mandiant uncovered evidence…
FL: Tax Fraudster Receives 27-Year Prison Sentence; Scheme Used Stolen Patient Information
Some of the breaches mentioned in this press release had been covered on PHIprivacy.net. Tampa, Florida – U.S. District Judge Charlene Honeywell has sentenced James Lee Cobb, III (27, Tampa) to 27 years in federal prison, followed by 5 years of supervised release, for conspiracy to commit mail and wire fraud, wire fraud, aggravated identity…
St. Lucie Medical Center gave patient records to wrong patient, exposing Social Security numbers
This happens all the time, all over this country.
PA: Hershey Medical Center notifies 1,801 patients of potential breach
Lancaster Online reports: Penn State Hershey Medical Center said it has notified 1,801 patients of a privacy breach, after it was discovered an employee had been working with protected health information from his home computer. Officials at the hospital said in a press release Friday afternoon that results of an extensive internal investigation give no…
Breach of patient records investigated by UC Irvine Medical Center
Statement from UC Irvine Medical Center: June 17, 2015 On March 13, 2015, officials at UC Irvine Medical Center discovered that an employee, whose job required access to some patient records, had looked at additional records without a job-related purpose between June 2011 and March 2015. As far as it is possible to determine, the…