More follow-up on a tax refund fraud scheme that used patient information from Troy Regional Medical Center in Alabama and other non-medical entities. This case was noted previously on this blog. Robbyn Brooks of the Troy Messenger reports: A woman who pled guilty in an identity theft/tax refund scam involving Troy Regional Medical Center records has…
Category: Health Data
A medical center wrecked by a tornado – what about patient records?
I haven’t seen any reports on it yet, but I hope that Moore Medical Center in Moore, Oklahoma had its patient records and other data backed up off-site, as the medical center was wrecked by the tornado that hit last week. And what about all of the paper records with PII or PHI that might…
Court date set for nurse involved in privacy breach
While employees in the UK can seemingly only face fines for exceeding authorized access or stealing health information, that’s not the case in Canada. CBC News reports that a former Eastern Health employee has pleaded not guilty to unlawfully obtaining health information. The incident has drawn a lot of media attention since it was first…
UK: Man made redundant fined for stealing sensitive information
Infosecurity-Magazine.com reports on an insider breach where the consequences just don’t seem severe enough. The breach occurred on April 28, 2011, and was prosecuted by the Information Commissioner’s Office under Section 55 of the Data Protection Act: When he learned that he was being made redundant from his position as Community Health Promotions Manager at…
Idaho State University Settles HIPAA Security Case for $400,000
Idaho State University (ISU) has agreed to pay $400,000 to the U.S. Department of Health Human Services (HHS) to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement involves the breach of unsecured electronic protected health information (ePHI) of approximately 17,500 patients at ISU’s Pocatello Family…
More additions to HHS's breach tool
Two updates within a week? The HHS breach tool is getting a workout. Here is what was added today: Sovereign Medical Group, LLC in New Jersey reported that 27,800 were affected by a breach on October 10, 2012. HHS’s breach tool codes the incident as “Theft, Hacking/IT Incident”, Network Server,” which probably means a hack,…