Now that California is also posting breach reports online, I’m finding out about breaches in the healthcare sector that I’ve not seen in the news or on HHS’s breach tool. As one example, Perry Dental sent notification letters about a burglary that occurred February 16: We are contacting you about a recent burglary in our…
Category: Health Data
Over 200,000 confidential Medicaid records improperly acquired
No, it’s not Utah, but I can understand why you’d think that. The headline is referring to a totally different Medicaid breach – this one in South Carolina. Jeffrey Collins of Associated Press reports: The agency that runs South Carolina’s Medicaid program says an employee improperly transferred information about more than 228,000 people to a…
Emory Healthcare notifies individuals regarding missing data
Emory Healthcare has determined that 10 backup discs containing information on surgical patients treated between September 1990 and April 2007 are missing from a storage location at Emory University Hospital. As soon as it was discovered that the discs were missing, an extensive search and investigation was initiated and is continuing. It is important to…
UK: Briefcase stolen from social worker's home contained details of child protection cases
Leicestershire County Council have breached the Data Protection Act (DPA), following the theft of a briefcase containing sensitive personal data from a social worker’s home, the Information Commissioner’s Office (ICO) said today. The ICO was informed by the Council in May 2011 that a briefcase, containing documents to be used for initiating court proceedings, had…
Duke University Health System notifies patients of breach-that's-not-called-a-breach? (updated)
If you’re not familiar with bankruptcy proceedings, you may be as confused by this breach notice by Duke University Health System as I was. After reading it a few times, I finally thought I may have understood what happened, but then I read Jeff Drummond’s blog post as to why the DUHS never called this…
UK: Two organizations sign undertakings after privacy breaches
Two NHS trusts have signed undertakings to improve data protection following breaches. Hertfordshire County Council signed an undertaking following the loss of an Attendance and Pupil Support consultation folder in January 2011. The lost bag contained hard copy records of primary school consultation visits and the documents in the folder included pupil name and information relating…