To say that I am frequently frustrated by HHS’s “breach tool” would be an understatement. Their reporting form and coding often makes it impossible to know – simply by looking at their entries – what type of breach occurred. Consider this description from one of their entries: “Theft, Unauthorized Access/Disclosure”,”Laptop, Computer, Network Server, Email” So…
Category: Health Data
Wisconsin clinic notifies patients of information breach that occurred last summer
The Pierce County Herald reports: River Falls Medical Clinic says it has notified about 2,400 clients of a breach of unsecured personal information. The breach occurred after clinic officials reported stolen equipment to the River Falls Police in the summer of 2012. Police investigated and found the stolen equipment, as well as paper documents containing…
Identity theft charges prompts Tallahassee Memorial HealthCare to tighten policies
Jennifer Portman reports on yet another refund fraud ring involving a hospital employee as the source of personal information: Tallahassee Memorial HealthCare officials modified policies to help better protect the privacy of patients’ personal information and offered identity protection services to more than 100 patients after learning last year that a hospital employee was suspected…
Eleventh Circuit ruling on how to count ID theft "victims" for purposes of sentencing guidelines
In April 2011, I blogged about two medical office assistants who had been charged criminally under HIPAA for stealing patient information and providing it to others for an ID theft/fraud ring. Today, I learned from a post by Al Saikali on the Data Security Law Journal that Erica Hall had appealed her sentence to the…
Bill advances to help prevent state data breaches
Sometimes the personal connection to a breach does get legislators off the dime. Lee Davidson reports: The wife of Sen. Stuart Reid, R-Ogden, was among 780,000 victims of a Utah health data security breach last March. On Wednesday, Reid passed through the Senate a bill designed to help prevent such breaches in the future. SB20,…
Former employee of Texas Department of State Health Services charged with theft of hundreds of patients' information
Casey Murphy reports: An employee of the Northeast Texas Public Health district was arrested earlier this month for allegedly stealing the identities of hundreds of patients at a Mount Pleasant clinic she worked for before moving to Tyler. Selena Patino, 38, of Mount Pleasant, was arrested by the Titus County Sherriff’s Office on Jan. 4…