Anna Gorman and Abby Sewell report that five employees and a student research assistant at Cedars-Sinai Medical Center have been fired for inappropriately accessing 14 medical records in a one-week period last month. Four were employees of community physicians who have medical staff privileges at the hospital, one was a medical assistant employed by Cedars-Sinai, and…
Category: Health Data
Digging in their heels: Wyndham and LabMD challenge FTC’s authority in data security cases
Cross-posted from PHIprivacy.net: Adam Greenberg reports on two cases where businesses have challenged the FTC’s authority in data security cases. Although Wyndham’s challenge has been discussed in detail on DataBreaches.net (see these posts), I haven’t really described the LabMD case until now. In the LabMD case, the Atlanta Business Chronicle reported last year: The federal agency…
ICO fines NHS Surrey for failing to check the destruction of old computers
From the U.K. Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has issued NHS Surrey with a monetary penalty of £200,000 after more than 3,000 patient records were found on a second hand computer bought through an online auction site. The sensitive information was inadvertently left on the computer and sold by a data destruction company employed…
CA: Long Beach Memorial Medical Center discloses insider breach affecting 2,864 patients
Karen Robes Meeks reports: The private information of nearly 3,000 Long Beach Memorial Medical Center patients may have been breached by an employee, the hospital announced Thursday. The hospital notified the 2,864 patients who were seen from September 2012 to last month of the breach of information, which included name, sex, date of birth, home…
WellPoint pays HHS $1.7 million for leaving information accessible over Internet
From HHS: The managed care company WellPoint Inc. has agreed to pay the U.S. Department of Health and Human Services (HHS) $1.7 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. This case sends an important message to HIPAA-covered entities to take caution when…
Notice Regarding Microfiche Incident for Texas Health Harris Methodist Hospital Fort Worth Patients (UPDATED)
Update: The Star-Telegram reports that 277,000 are being notified of this breach. Original post: Texas Health Resources posted the following notice on their site. Unfortunately, the home page link simply says “Microfiche Incident” and does not alert site visitors to check that link for an important privacy breach notification: Texas Health Harris Methodist Hospital Fort…