In a statement on their web site linked from their home page as a privacy notice, Ephrata Community Hospital in Pennsylvania writes: Ephrata Community Hospital takes our obligation to protect our patients’ personal health information seriously. Regrettably, this notice concerns some of that information. On April 16, 2013, we learned that one of our employees had accessed…
Category: Health Data
HHS releases statement on Prime Healthcare/Shasta Regional settlement
In a press release issued yesterday and posted today, HHS writes: Shasta Regional Medical Center (SRMC) has agreed to a comprehensive corrective action plan to settle a U.S. Department of Health and Human Services (HHS) investigation concerning potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The HHS Office for Civil…
NC veterans' PHI left in recycle bin
Associated Press reports: The Veterans Affairs hospital in Fayetteville says documents containing the personal information of nearly 1,100 veterans were found in a recycling bin two months ago. The Fayetteville VA Medical Center announced Friday it’s notifying the 1,093 affected veterans whose consultation reports from the optical shop were incorrectly placed in a recycle bin…
NZ: Pathways mops up privacy breach
Jenee Tibshraeny of NewsTalkZB reports: An organisation that works with mental health patients is trying to mop up the mess it created by a somewhat old-fashioned privacy breach. It lost documents containing the names, addresses and clinical details of 65 of its clients, when a staff member left their bag on a Wellington bus last…
U.K.: Fax blunder leads to £55,000 penalty for Staffordshire trust
The Information Commissioner’s Office (ICO) has issued a monetary penalty of £55,000 to North Staffordshire Combined Healthcare NHS Trust. The penalty follows a serious breach of the Data Protection Act which resulted in sensitive medical details of three patients being sent to a member of the public. The details were released between August and September 2011 when…
Lucile Packard Children’s Hospital notifying 12,900 after laptop stolen from secured badge-access area
Lucile Packard Children’s Hospital is no stranger to stolen equipment containing PHI. In January, 2010, they self-reported a breach involving a stolen desktop computer with PHI on 532 patients, and as recently as January, they notified 57,000 patients after a laptop was stolen from a physician’s car. Now the hospital is notifying patients about another breach…