From their press release, issued yesterday: Lucile Packard Children’s Hospital at Stanford and the Stanford University School of Medicine are notifying patients by mail that a password-protected laptop computer containing limited medical information on pediatric patients was stolen from a physician’s car away from campus on the night of January 9, 2013. This incident was…
Category: Health Data
Former patient claims confidentiality breach in Prime Healthcare lawsuit
When the CEO of Prime Healthcare and Shasta Regional Medical Center disclosed patient records in trying to defend themselves against a media report, I immediately noted that without the patient’s consent, they could not do that. Despite what was so obvious to most of us, they defended their disclosure, claiming that the patient had waived…
Ca: Info on 25,000 patients lost in Montfort Hospital security lapse
Chris Cobb reports: Montfort Hospital officials were scrambling on Friday to reassure thousands of patients that an unsecured USB data key lost by a hospital employee did not contain intimate details of their health issues. Information on the USB key, downloaded from a Montfort computer in contravention of hospital rules, contained information on more than…
At long last, HHS unveils Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules
From their press release: The U.S. Department of Health and Human Services (HHS) moved forward today to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The final omnibus rule greatly enhances a patient’s privacy protections, provides individuals new rights to their health…
St. Mark's Medical Center notifies patients after finding malware on system
St. Mark’s Medical Center in LaGrange, Texas notified 2,988 patients of a breach. From their notice of December 31, 2012: On November 15, 2012, we learned that on May 21, 2012, one of our employee’s computers had become infected with malware that appears to have been designed to look for personal information stored on the computer….
Dedicated server hosting three medical practices hacked; some patient information exfiltrated to Gmail account
Several medical groups in Massachusetts were notified by their hosting service, Clearpoint Design, Inc., that a dedicated server on Hosting.com was hacked on October 18, 2012. The practices affected were South Shore Medical Center, who notified 4,100 patients, Harbor Medical Associates, P.C., who notified 4,343 patients, and Child & Family Psychological Services, Inc., who notified 7,250 patients….