Sonoma Valley Hospital has disclosed that patient information was exposed on the Internet due to an employee error. The Sonoma Valley Sun reports the breach occurred on February 14, 2013, and involved 1,350 surgery patients’ names, dates of service, procedure, surgeon, hospital charges, and name of insurance company. The hospital did not learn of the breach…
Category: Health Data
Jackson Health System notifies 1,407 patients of missing records
Statement from Jackson Health System in Florida: Jackson Health System has conducted an internal investigation regarding several boxes of medical records that are unaccounted for and/or are missing from Jackson Health System Health Information Management (HIM) department. Those 1,407 patients whose personal information was accessed have been notified and offered free credit card fraud protection….
Woman involved in hospital identity theft sentenced to 10 years
More follow-up on a tax refund fraud scheme that used patient information from Troy Regional Medical Center in Alabama and other non-medical entities. This case was noted previously on this blog. Robbyn Brooks of the Troy Messenger reports: A woman who pled guilty in an identity theft/tax refund scam involving Troy Regional Medical Center records has…
A medical center wrecked by a tornado – what about patient records?
I haven’t seen any reports on it yet, but I hope that Moore Medical Center in Moore, Oklahoma had its patient records and other data backed up off-site, as the medical center was wrecked by the tornado that hit last week. And what about all of the paper records with PII or PHI that might…
Court date set for nurse involved in privacy breach
While employees in the UK can seemingly only face fines for exceeding authorized access or stealing health information, that’s not the case in Canada. CBC News reports that a former Eastern Health employee has pleaded not guilty to unlawfully obtaining health information. The incident has drawn a lot of media attention since it was first…
UK: Man made redundant fined for stealing sensitive information
Infosecurity-Magazine.com reports on an insider breach where the consequences just don’t seem severe enough. The breach occurred on April 28, 2011, and was prosecuted by the Information Commissioner’s Office under Section 55 of the Data Protection Act: When he learned that he was being made redundant from his position as Community Health Promotions Manager at…