In my recent recap of new additions to HHS’s public breach tool, I noted an incident involving Summit Community Care Clinic. My summary of the breach log was: Summit Community Care Clinic in Colorado reported that 921 patients were affected by a Hacking/IT incident that occurred July 22. There is no statement or notice on their web…
Category: Health Data
Tri-State Surgical Associates notifies patients of a disclosure breach
Tri-State Surgical Associates in Elkton, Maryland recently notified patients of a disclosure breach involving their PHI. According to a letter sent by Drs. Lowe and Vaidy, when a physician left their practice in May, he reportedly asked a staff employee for patient contact information so that he could notify patients of his new practice location….
Missing Allscripts backup drive held Mercy Health Systems patient information
It seems that Baltimore-based Mercy Health Systems (Mercy Medical Center) forgot to notify Maryland about a breach involving Maryland residents earlier this year. According to an August 13 letter signed by Chante Tindal, Compliance Generalist: on January 14, MHS’s transcription contractor, Allscripts, reported a missing unencrypted hard drive containing patient information. MHS says this was reported…
Commentary: Are analyses of breaches in the healthcare sector underestimating the insider threat?
Another healthcare provider has pleaded guilty to Medicaid fraud. The North Carolina Department of Justice reports that Dr. Francis Bald, a North Carolina dentist, has pleaded guilty to charges related to falsely billing Medicaid for dental and oral surgery services. The fraud was uncovered by an observant patient who read his Explanation of Benefits (EOB) statement…
LabMD Responds to FTC Complaint: Claims Agency Lacks Enforcement Jurisdiction
Just received this press release from Cause of Action with LabMD’s response to FTC’s complaint: Cause of Action (CoA), a government accountability organization, filed an answer to an aggressive and arbitrary enforcement action brought by the Federal Trade Commission (FTC) against LabMD, a small cancer diagnosis company. CoA is defending LabMD against a complaint brought by the FTC in…
Kaiser Permanente lawsuit against former business associate dismissed, but are patient data still at risk?
If you’re a privacy professional or information security professional looking for a cautionary tale or a nightmare case to use in your presentations, this may be it. In reading about this case, however, keep in mind that there has never been any indication that patient misinformation was disclosed improperly or that it has been misused….