Is Ascension Health being targeted by attackers successfully acquiring employee e-mail account logins via phishing? (Update 2: It seems they are. See this post after reading the one below.) Zach Lozano reports that Seton Family of Hospitals will provide free identity monitoring and protection services for patients who had their personal information leaked in a phishing…
Category: Health Data
HHS Settles Charges Against Cornell Prescription Pharmacy Over Disposal of Records
Cornell Prescription Pharmacy (Cornell) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule with the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). Cornell will pay $125,000 and adopt a corrective action plan to correct deficiencies in its HIPAA compliance program….
OH: Springfield Regional Medical Center patients notified of #HIPAA breach due to mailing error
Katie Wedell reports: Community Mercy Health Partners, operator of the Springfield Regional Medical Center, has alerted patients to a data breach that occurred in February. Invoices for about 2,000 patients containing names, addresses, billing codes such as diagnosis and procedural codes, service dates and locations, and account balances were inadvertently sent to incorrect people. Read more on…
TX: Former Methodist Healthcare employee sentenced to more than 10 years; stole patient info for unemployment benefits
Guillermo Contreras reports on a case I don’t recall seeing before: A judge sentenced a former Methodist Healthcare worker to more than 10 years in federal prison Thursday for stealing patient identities and using the information to claim unemployment benefits. U.S. District Judge Orlando Garcia ordered Andrea Nicole Brooks, 30, to serve 97 months for…
WV: Woman sues Marshall Health for privacy breach
Kyla Asbury reports: A woman is suing Marshall Health after she claims an unauthorized employee accessed her daughter’s medical record multiple times. Kristi Dunlap, an employee of Marshall Health, and Michael J. McCarthy, the chief information officer of Marshall Health, also were named in Felesha Dickess’ complaint. Read more on The West Virginia Record.
Ca: Fifth prosecution under Health Information Act
It never rains, but it pours? Now there’s a second press release from the Office of the Information and Privacy Commissioner of Alberta: An investigation by the Office of the Information and Privacy Commissioner (OIPC) has resulted in one charge being laid against an individual under the Health Information Act (HIA). The OIPC conducted an investigation following a report…