A breach at Rouge Valley Centenary that involved the contact information of 8,300 new mothers possibly being sold by two employees to multiple Registered Education Savings Plan (RESP) companies may also have affected new mothers at Rouge Valley Health System’s (RVHS) Ajax and Pickering site as well. It is not clear, however, whether the same two employees were responsible. CP24 has the update….
Category: Uncategorized
Virginia federal court holds that online posting of patient medical information constitutes “publication” sufficient to trigger a general liability insurer’s duty to defend
Hunton & Williams write: On August 7, 2014, the United States District Court for the Eastern District of Virginia held in Travelers Indemnity Company of America v. Portal Healthcare Solutions, LLC, No. 1:13-cv-917 (E.D. Va. Aug. 7, 2014), that online posting of patient medical information constituted “publication,” whether or not it was viewed by a third…
AL: Local hospitals hit with class action lawsuit in wake of data breach
Donna Thornton reports: Community Health Systems and some of the Alabama hospitals it owns have been hit with a class action lawsuit in the wake of the disclosure that patients’ personal information has been compromised. Gadsden Regional Medical Center, Riverview Regional Medical Center and Anniston HMA and Foley Hospital Corporation — all owned by CHS…
Third covered entity was victim of rogue Iron Mountain employees
In addition to the more than 49,000 patients of Orthopaedic Specialty Institute Medical Group whose records were allegedly stolen by employees of Iron Mountain and the 10,000 patients of the Long Beach Internal Medical Group whose records were stolen, PHIprivacy.net has uncovered a third victim. The Hand Care Center / Shoulder and Elbow Institute in Orange, California also…
Ca: Privacy breach sentencing significant for general deterrence: Crown attorney
Cory Hurley reports: The conviction and sentencing of a former hospital clerk who inappropriately accessed patient records is significant to deter any future breaches, according to Crown attorney Vikas Khaladkar. […] The Crown attorney requested a fine of $7,500 be imposed upon Colbourne, who pleaded guilty to inappropriately accessing 1,043 patient files between June 2011…
Long Beach Internal Medical Group patients also victimized by two rogue Iron Mountain employees
I wouldn’t recommend starting a breach notification letter with “Please take notice that,” but in light of what follows, maybe it was appropriate in this case. It seems that Orthopaedic Specialty Institute wasn’t the only entity that had patient records that had been stored with Iron Mountain stolen. Long Beach Internal Medical Group posted a…