Category: Health Data

HHS added 9 more breach reports to its public breach tool yesterday. Here’s a recap of the ones we already knew about: The UnityPoint Health breach was added to the list, although the third party company that provided the employee to UnityPoint was not disclosed in their report. In a statement sent to PHIprivacy.net today,…

Maybe I should start a column just about the “small” HIPAA breaches I seem to trip over on a too-frequent basis. Today’s entry occurred in the waiting area of an outpatient endoscopy/colonoscopy service. I was sitting and chatting with another woman as we waited for our respective spouses. Out came a doctor, who walked up…

Marty Griffin reports: Dr. Bhola Roy is a board certified internist. These days he spends hour after hour on his computer, ordered by Medicare to file all of his records electronically. “Medicare is mandating to us, we have to use electronic health records,” he said. That mandate went horribly wrong, when in a lawsuit, Dr….

Meanwhile, in New Zealand, Joelle Dally reports on a case similar in some respects to cases I’ve recently mentioned on this blog involving Northern Inyo Hospital and the Guthrie clinic: The Canterbury District Health Board appears to have reached a deal to avoid legal action over a doctor’s 2007 privacy breach. The case could have…

And speaking of how much a health care facility can do about a rogue employee and whether they are responsible or liable, there is an update to a case I first noted here in 2011 involving a Guthrie Healthcare System clinic in Corning, New York. In that case, a nurse willfully disclosed a patient’s information on…

I recently noted a privacy breach at Northern Inyo Hospital in California. It was one of those “small breaches” (i.e., less than 500 affected) that don’t get reported on HHS’s  public-facing breach tool, but it really created distress for its victim. In discussing the breach, I noted my surprise at a statement  the patient made…