So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
Category: Insider
UK: Man prosecuted for taking files with job candidates’ personal info with him when he resigned to start rival company
Gregory Orum has been prosecuted at Highbury Corner Magistrates’ Court for an offence of unlawfully obtaining personal data. The defendant, who at the time worked at a recruitment agency based in Hertfordshire, emailed the personal data of approximately 500 candidates to his personal email address as he was leaving to start a new rival recruitment…
“Curious” employee snooped on thousands of St. Charles Health System patient records
And this, kids, is why you need to monitor employee access to patient records and audit over longer periods. Kyle Spurr reports: A caregiver at St. Charles Health System accessed nearly 2,500 patients’ electronic medical records without authorization from the hospital. The caregiver told the hospital she viewed the files out of curiosity. Her actions…
Central Huron Health Records Snooping Case Prosecuted
John Chippa reports: A Justice of the Peace in Goderich has handed down the stiffest fine to date in Canada for a health privacy breach. A university student who was on an educational placement with the family health team in Central Huron has been ordered to pay a $20,000 fine and a $5,000 victim surcharge…
UK: Nurse inappropriately accessed patient records for three years
STV reports: A night-shift nurse accessed the medical records of a colleague who was on sick leave. Lorraine Mcintosh faced disciplinary proceedings over her actions, which came to light when she was overheard discussing “blood test results and the reason for sick leave of another staff member” with a fellow employee. The nurse, who had…
VCU Health System notifies 2,700 of inappropriate access to their medical records
The Richmond Times-Dispatch reports: Virginia Commonwealth University Health System is notifying about 2,700 people that their or their minor child’s electronic medical records were inappropriately accessed over a three-year period. The university said it has no indication that the private health information has been used for any unintended purposes. The breach was found Jan. 10…