The Centers for Medicare & Medicaid Services (CMS) maintains the protected health information of millions of Medicare beneficiaries. If CMS has a security breach, they’re obligated to report it just like other HITECH-covered entities. But when HHS’s Office of the Inspector General (OIG) looked at whether CMS was complying with the requirements, they found deficiencies: CMS reported…
Category: Health Data
Despite thefts, no new Medicare IDs
Kelly Kennedy reports: More than a quarter-million Medicare beneficiaries are victims of identity theft and hampered in getting health care benefits because the government won’t issue new IDs, according to an investigation report released today. Medicare officials say it’s too expensive and too many agencies are involved to reissue those numbers to patients victimized by…
UK: ICO seeks to justify heavy data breach fines against NHS bodies following criticism
There has always been some level of concern and criticism that when NHS bodies are fined, the fines will reduce the funds available for patient care. An article on Out-Law.com addresses this controversy: The UK’s data protection watchdog has defended its civil monetary penalty regime after it was criticised for the amounts of fines levied…
NL: Groene Hart Ziekenhuis (Green Heart Hospital) leaking medical records
I hate relying on Google Translate, but this article seems to detail a very serious web leak involving a hospital in the Netherlands, Groene Hart Ziekenhuis. It seems the hospital used an outside provider who didn’t adequately secure the data and an ethical hacker was able to access patient records via FTP. Patient records going back to…
California Adds Affirmative Defense to Medical Privacy Law
Michael Epshteyn writes: A new law that amends the California Confidentiality of Medical Information Act (CMIA) may provide some relief to HIPAA covered entities and business associates, some of whom have faced class action lawsuits seeking millions in statutory damages under the CMIA for large-scale data breaches. Because the CMIA—unlike HIPAA—creates a private right of…
ZA: Cancer patients at risk as thieves steal computers with their medical records (updated)
Lives of thousands of cancer patients are at risk following the looting of computers that store vital data for them at the Cancer Diseases Hospital, a heist that has shocked medical personnel. The specialised hospital is located within the University Teaching Hospital (UTH) premises in Lusaka. Medical personnel have described the theft as a ‘death…