A PHIprivacy.net editorial. As regular readers know, PHIprivacy.net and PogoWasRight.org have been covering breach accusations involving the emergency medical dispatch (EMD) and police criminal history databases in Monroeville, Pennsylvania. The town’s investigation into the allegations, an independent forensic evaluation of the security controls in use for the systems, and a subsequent state attorney general’s investigation all confirmed…
Category: Health Data
IL: List of social security numbers mistakenly mailed to workers
Bonita Cornute reports that 800 Metro East health care workers at Bridgemark‘s Belleville facility recently received a mailing with their 401k updates. Unfortunately, the mailing included all 800 plan participants’ names and corresponding Social Security numbers. Read more on Fox2.
UK: Great Ormond Street Hospital for Children NHS Foundation Trust signs undertaking
The Great Ormond Street Hospital for Children NHS Foundation Trust has signed an undertaking with the Information Commissioner’s Office following four separate incidents in the last 18 months where letters containing medical information have been sent to the wrong address. In most of these cases, the letters had been sent out by temporary or bank members of staff…
UCSF notifying 8,294 gastroenterology patients whose PII and PHI were on laptop stolen from doctor's car
Statement from UCSF: UC San Francisco is alerting some individuals to the theft of a physician’s personal laptop computer that contained personal and health information. While the physician believed the laptop was encrypted, this could not be confirmed. As a result, the individuals involved are being notified. The security of protected health information at UCSF…
Anthem Blue Cross of California notifies doctors whose SSN were displayed in a .pdf file online (Update)
Every so often, we come across a breach involving doctors’ Social Security numbers being exposed online because they use their SSN as their Tax Identification Number (TIN). Here’s another one of those case, this time involving Anthem Blue Cross of California: We are sending you this letter to notify you that your Tax Identification Number (“TIN”), along with…
California physician notifying patients of breach involving old patient data
Here’s another case where a covered entity only learned about a breach when they were contacted by law enforcement. Kathleen E. Whisman, M.D. notified patients on August 5 that on or about April 11, she received a call from the San Ramon Police Department. They informed her that while investigating an ID theft ring,…