Category: Health Data

I was hoping we’d get more information about this settlement and now HHS has provided it. As I had suspected, the Hospice of North Idaho breach affected fewer than 500 patients.  And as a commenter suggested, the fine was because they had no risk analysis nor policies for mobile device security. From HHS’s press release:…

Over the past year, I’ve had the opportunity to talk to a number of people in different organizations who are concerned with insider breaches in the health care sector.  One of those people is Kurt Long, CEO and Founder of FairWarning, a firm that provides patient privacy monitoring (privacy breach detection) systems. So, here’s a…

Brad Conaway reports that Gibson General Hospital has mailed letters to 29,000 patients informing them that their name, address, Social Security number and/or clinical information may have been on a laptop stolen from an employee’s home on November 27. Unfortunately, as the hospital explains in its statement and FAQ, the hospital cannot determine with any…

I recently noted that HHS’s breach tool had revealed some breaches we hadn’t known about.  One of them was from Brigham & Women’s Hospital in Massachusetts.  I contacted them to request a copy of their statement or press release, and was told that because there were less than 500 patients affected in Massachusetts, they had…

Kentucky’s Cabinet for Health and Family Services (CHFS) has issued a statement disclosing a recent breach: The Cabinet for Health and Family Services (CHFS) is informing 1,090 Medicaid clients by letter of a computer security breach that may have resulted in the unintentional release of information held by Hewlett-Packard Enterprise Services (HP ES), the vendor…

I was surprised to read this morning that Hospice of North Idaho had settled charges by HHS over a laptop stolen from an employee’s car in the summer of 2010. I was surprised, in part, because I was not aware of this incident at all as it had not appeared in HHS’s breach tool. Since…