Kelly Dennett reports: A damning Privacy Commission review shows snooping doctors, nurses and even admin workers can access patients’ most personal medical records. The Office of the Privacy Commissioner identified significant flaws in the security and regulation of three shared care record (SCR) portals used by a number of district health boards. A draft review…
Category: Uncategorized
Protecting privacy while gathering health data
Stephanie M. Lee reports that the recent announcement by rival insurers Blue Shield of California and Anthem Blue Cross that they would team up to create an health information sharing network with their combined 9 million patients is raising privacy concerns. All members will be participants by default in Cal Index unless they opt out. Lee Tien of EFF…
Travelers must defend business associate in data breach lawsuit
Kira Lerner reports: A Virginia federal judge ruled on Thursday that Travelers Indemnity Co. of America must defend Portal Healthcare Solutions LLC against class allegations that it posted confidential medical records online, finding that the Travelers policy covered electronic publication of private information.U.S. District Judge Gerald Bruce Lee granted Portal’s motion for summary judgment and…
Colorado's Kaiser Permanente sent patient letters to wrong parties
Electa Draper reports: Kaiser Permanente Health Plan of Colorado reported Friday it mailed letters meant for one group of patients to the wrong patients on July 24. A mailing from Kaiser’s Population Care and Prevention Services Department was processed incorrectly, with some letters going to the wrong parties, officials said. The letter described a chronic…
Data breach possibly affects more than 500 in N.C.
An Alpharetta, Ga.-based medical company suffered a data breach that may have affected 570 North Carolinians. A subcontractor for 24 ON Physicians PC “inadvertently failed to secure a computer server containing patient account information,” the company said today in a news release. The failure occurred between December and April. The information included invoice numbers, charge…
AU: Privacy update: in for a penny, in for a pound — a warning for health service providers
DLA Piper writes: The Australian Privacy Commissioner has found that a suburban Melbourne medical practice has breached the Privacy Act 1988 (Cth) by failing to take reasonable steps to secure personal information in its possession. […] The Pound Road Medical Centre (PRMC) moved premises in 2011 and believed that all paper-based medical records had been…