Nereida Moreno reports: A mail delivery truck carrying the personal information of 2,400 Kaiser Permanente members on the Inland Empire Health Plan was stolen last month from a parking lot in Santa Clarita, officials announced Friday. Michelle Simms, a Kaiser Permanente spokeswoman, said the health care provider reported the theft to Los Angeles County Sheriff’s…
Category: Subcontractor
Tampa International Airport infosecurity breach spurred probe
Yvette C. Hammett reports: A consultant working to upgrade Tampa International Airport’s computer system last year caused concern among some airport employees about a potentially serious security breach because he shared his user name and password with 19 people in foreign countries. […] The information technology consultant, Gautham Sampath, who told airport authorities he shared…
Chicago medical records exchange sues IT vendor
Joseph Conn reports: The hospital association that operates a major Chicago-area health information exchange is suing its health information technology vendor that abruptly announced it will go out of business. The hospital Metropolitan Chicago Healthcare Council, now merged with the Illinois Health and Hospital Association, operates the MetroChicago HIE that connects more than 30 northeastern…
Contractor charged with damaging Reserve pay software
Kevin Lilley reports: The “glitch” that delayed Army Reserve paychecks for an average of 17 days in late 2014 now has an alleged face. Mittesh Das, a civilian contractor, could face 10 years in prison and a quarter-million dollar fine on charges he damaged the Regional Level Application Software, a critical Army Reserve computer network….
Raleigh Orthopaedic Clinic settles HHS/OCR charges over failure to have BAA in place
HHS has announced another enforcement action. This one stems from an investigation into a breach noted on this site in May, 2013. Raleigh Orthopaedic Clinic, P.A. of North Carolina (Raleigh Orthopaedic) has agreed to pay $750,000 to settle charges that it potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule…
Pain Treatment Centers of America notifies 19,397 patients of Bizmatics breach
Ouch. The Pain Treatment Centers of America and Interventional Surgery Institute in Arkansas have been notifying HHS and 19,397 patients about a security incident involving their vendor, Bizmatics. I had reported last month that Bizmatics’ breach impacted at least 30,000 patients of two other clients. PTCOA becomes the third provider we now know about. I’ve emphasized some statements in PTCOA’s notice,…