Three additions to HHS’s breach tool, and so far, I can’t find anything on any of these breaches: “Surgical Associates of Utica, PC”,NY,”Quanterion Solutions, Inc.“,1017,9/18/2012,Theft,Network Server,11/16/2012,, “First Step Counseling, Inc.“,NJ,,638,5/1/2011-08/05/2011,Unauthorized Access/Disclosure,Paper,11/16/2012,, “CVS Caremark”,RI,,955,8/13/2012,Theft,Paper,11/16/2012,, I wonder if the First Step Counseling breach was an insider stealing patient data for tax refund fraud. I’d call and ask…
Category: Health Data
University of Virginia Medical Center reports lost handheld device held patients' personal and medical information (updated)
The University of Virginia Medical Center has posted a notice of a breach: The University of Virginia Medical Center and Continuum Home Infusion are committed to protecting the personal information entrusted to us by our patients and potential patients referred to us for care. Regrettably, this notice is regarding an incident involving some of that…
Did ADPI disclose enough in its notification and has it done enough for patients?
One of the things that happens with a blog like this one or DataBreaches.net is that an organization discovers that I’m covering their incident and starts checking my blogs to see what I’m writing. At the same time, I’m checking other sites to see what they’re saying. This week, I’m obviously focused on the ADPI…
FL: Volunteer at Jackson North used smartphone to steal data
Jackson North Medical Center in North Miami Beach is part of the Jackson Health System. It appears they, too, have suffered an insider breach for tax refund fraud purposes. John Dorschner reports that a volunteer at the medical center used a smart phone to take pictures of patient records: The volunteer’s misdeeds unraveled in a…
How many were affected by ADPI-Intermedix breach: help track this breach
As I had done with the Epsilon breach on DataBreaches.net, I’ve decided to devote a blog post to tracking organizations affected by the Advanced Data Processing (ADPI) breach. The San Francisco Chronicle reported that there were “27 agencies in 17 states whose patients may have had personal information stolen.” As you’ll see below, that does…
GA: Grady Health Systems notifies 900 patients potentially affected by ADPI-Intermedix breach
I was just reading that 900 patients who were treated at Grady Health Systems’ emergency care facilities may have had their data stolen by a former hospital contract worker. I thought it was yet another breach, but the Associated Press reports that the contractor worked for Advanced Data Processing Inc. Yes… the same company that I reported…