KOLR10/KOZL News reports: A Springfield medical group that provides radiology services to CoxHealth is telling its patients to watch their personal information. Litton and Giddings Radiological Associates, P.C. (LGRA) says its janitorial service inadvertently sent patient paper billing records to a Springfield recycling company without first shredding the documents. The incident involved a business associate’s…
Category: Health Data
CMS response to data breaches and medical identity theft – OIG report
The Centers for Medicare & Medicaid Services (CMS) maintains the protected health information of millions of Medicare beneficiaries. If CMS has a security breach, they’re obligated to report it just like other HITECH-covered entities. But when HHS’s Office of the Inspector General (OIG) looked at whether CMS was complying with the requirements, they found deficiencies: CMS reported…
Despite thefts, no new Medicare IDs
Kelly Kennedy reports: More than a quarter-million Medicare beneficiaries are victims of identity theft and hampered in getting health care benefits because the government won’t issue new IDs, according to an investigation report released today. Medicare officials say it’s too expensive and too many agencies are involved to reissue those numbers to patients victimized by…
UK: ICO seeks to justify heavy data breach fines against NHS bodies following criticism
There has always been some level of concern and criticism that when NHS bodies are fined, the fines will reduce the funds available for patient care. An article on Out-Law.com addresses this controversy: The UK’s data protection watchdog has defended its civil monetary penalty regime after it was criticised for the amounts of fines levied…
NL: Groene Hart Ziekenhuis (Green Heart Hospital) leaking medical records
I hate relying on Google Translate, but this article seems to detail a very serious web leak involving a hospital in the Netherlands, Groene Hart Ziekenhuis. It seems the hospital used an outside provider who didn’t adequately secure the data and an ethical hacker was able to access patient records via FTP. Patient records going back to…
California Adds Affirmative Defense to Medical Privacy Law
Michael Epshteyn writes: A new law that amends the California Confidentiality of Medical Information Act (CMIA) may provide some relief to HIPAA covered entities and business associates, some of whom have faced class action lawsuits seeking millions in statutory damages under the CMIA for large-scale data breaches. Because the CMIA—unlike HIPAA—creates a private right of…