From their press release: The U.S. Department of Health and Human Services (HHS) moved forward today to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The final omnibus rule greatly enhances a patient’s privacy protections, provides individuals new rights to their health…
Category: Health Data
St. Mark's Medical Center notifies patients after finding malware on system
St. Mark’s Medical Center in LaGrange, Texas notified 2,988 patients of a breach. From their notice of December 31, 2012: On November 15, 2012, we learned that on May 21, 2012, one of our employee’s computers had become infected with malware that appears to have been designed to look for personal information stored on the computer….
Dedicated server hosting three medical practices hacked; some patient information exfiltrated to Gmail account
Several medical groups in Massachusetts were notified by their hosting service, Clearpoint Design, Inc., that a dedicated server on Hosting.com was hacked on October 18, 2012. The practices affected were South Shore Medical Center, who notified 4,100 patients, Harbor Medical Associates, P.C., who notified 4,343 patients, and Child & Family Psychological Services, Inc., who notified 7,250 patients….
Central London Community Healthcare NHS Trust's appeal of ICO's breach penalty dismissed
Back in May, I noted that the Information Commissioner’s Office in the U.K. had issued a fine of £90,000 to Central London Community Healthcare NHS Trust after the trust had misdirected faxes containing sensitive information on 45 occasions during the previous year. The trust immediately announced it planned to appeal. Today, Robin Hopkins of Panopticon reports that the…
6,000 patients to be notified after UDOH contractor loses drive with unencrypted PHI
The Utah Department of Health reported another breach today. This time, blame an employee of their contractor, Goold Health Systems, who violated policy by transferring PHI to an unencrypted USB drive which was lost during travel. The drive contained about 6,000 patients’ names, Medicaid numbers, ages, and recent prescription history.
B.C. ministry says millions affected by health-data breach
The issue of privacy breaches involving improper sharing of PHI with researchers has mushroomed for the B.C. Health Ministry: The personal-health data of more than five million British Columbians has been accessed without proper authorization, and in the most serious cases, the provincial government says it will notify more than 38,000 individuals of the breaches…