This is an example of how NOT to secure patient information and how NOT to respond when you’re contacted about a vulnerability. Kevin Wetzel of SLC Security Services LLC posted a vulnerability report on Cape Fear Valley Health System in Fayetteville, NC. The vulnerability, first noted by SLC on August 26, was described as the entity leaking…
Category: Uncategorized
TX: 4,000 veterans personal information compromised
Jessica Soto reports: The South Texas Veterans Health Care System in San Antonio is notifying 4,000 Veterans whose personal information was compromised Wednesday. In an attempt to notify Veterans of the new federal rule of Hydrocodone combination, letters were inadvertently printed double-sided. On the front page one unique Veteran’s information was printed and another unique…
NC: Cone Health Notifies Patients of Breach Due to Mailing Error
WFMY reports: Thursday, officials at Cone Health admitted to a small data breach after letters sent from one of its facilities were addressed to the wrong patients. The hospital is notifying those 2,076 people who are patients of the Southeastern Heart and Vascular Center. The breach was the result of a clerical error and because of…
Lawsuit against Alere dismissed; CMIA claims continue to fail
Back in November 2012, this blog noted a breach affecting 100,000 patients whose information was on a laptop stolen from an Alere Home Monitoring employee’s car. A lawsuit subsequently followed. Now Law360 reports that a California federal judge threw out the proposed class action lawsuit, finding – as previous courts have also held – that the negligent release of…
UK: South Western Ambulance Service NHS Trust signs undertaking after breach
From the Information Commissioner’s Office: An undertaking to comply with the first, third and seventh data protection principles has been signed by South Western Ambulance Service NHS Trust. This includes the completion of a Privacy Impact Assessment in respect of data sharing. This follows an investigation whereby patient data related to 45, 431 data subjects…
Podiatrist charged with health care fraud and identity theft
Westmoreland Times reports: Aileen Gong, D.P.M., 55 years of age, of King of Prussia, Pennsylvania, was charged by indictment with health care fraud, wire fraud, and aggravated identity theft, according to an announcement by United States Attorney Zane David Memeger. The indictment charges that between 2009 and February 2014, Gong, a podiatrist, submitted at least…