There’s a follow-up to a case previously noted on DataBreaches.net, and it appears to be yet another case of an insider breach to fuel a tax refund fraud scheme in Florida, but we still don’t know the name of the company or covered entity from whom the identity information was stolen. Nor do we know whether…
Category: Health Data
Ebola and Privacy: Snooping, Confidentiality, and HIPAA
Daniel Solove writes: One of the things that struck me about the Ebola cases at Dallas Presbyterian Hospital was that all of the Ebola victims were named almost immediately. How could this happen? In all the swirling news coverage, I was struck by the fact that few were asking the question: Why were all of…
MN: Ex-Mayo Clinic exec accused of stealing trade secrets
Jeff Kiger reports: A former top Mayo Clinic executive is being sued for allegedly hiding his hiring by a competitor of Mayo Medical Laboratories for months while he continued to work for Mayo while stealing trade secrets. Mayo Clinic filed a lawsuit alleging misappropriation of trade secrets and breach of contract against Dr. Franklin R. Cockerill…
Laptops stolen from Albertina Kerr's Gresham campus contained information on 1,300 psychiatric patients
Eric Apalategui reports: Two laptop computers stolen from Albertina Kerr‘s campus in Gresham may have carried sensitive medical information, including the identities, diagnoses and treatments for up to 1,300 current and former patients. The burglary occurred two months ago, likely on Aug. 6, when someone broke into a single office at Kerr’s crisis psychiatric care facility on Northeast…
Macomb County, Michigan notifies employees and dependents of business associate breach
Update: After this entry was posted, PHIprivacy.net received additional information indicating that there were actually two Macomb County Business Associates involved in the provision of the file to the County. “One of these two Business Associates is U.S. Health Holdings’ subsidiary Automated Benefit Services,” a spokesperson for the county’s communications firm tells PHIprivacy.net. “The breach did not occur at or by…
California Extends Deadline for Reporting Breaches to the CDPH from 5 to 15 Business Days
Cory J. Fox writes: On September 18, 2014, California Governor, Jerry Brown, signed Assembly Bill 1755 (“AB1755”) into law, amending breach notification provisions in the California Health and Safety Code applicable to licensed clinics, health facilities, home health agencies, and hospices. Under existing law, certain health care entities licensed by the California Department of Public Health (“CDPH”),…