So I had no sooner finished posting the Baylor phishing incident in Texas, where I questioned whether that phishing incident might be related to a successful phishing attempt involving physicians in the Franciscan Medical Group, when I discovered a third phishing incident that also occurred on January 23. This one involved the HealthTexas Provider Network…
Category: Uncategorized
TX: Baylor Regional Medical Center at Plano notifies patients after physicians fall for phishing attempt
Baylor Regional Medical Center at Plano reported a breach to HHS that affected 1,981 patients. The incident, which occurred on January 23, was coded on the breach tool as a “Hacking/IT Incident” with the location of the information identified as e-mail. A notice on Baylor’s site explains that this was a phishing incident: Notice to…
PA: Former Crozer-Chester Medical Center pleads guilty to stealing patient info for tax refund fraud scheme
There’s an update to a breach previously noted on this blog in March, 2013. John George recently reported: A 50-year-old Brookhaven, Pa., man pleaded guilty today to stealing hospital patients’ identities as part of a tax fraud scheme. Reynaldo Estrada pleaded guilty today to one count each of conspiracy to commit identity theft, aggravated identity theft,…
AU: Prescription records found strewn in street after contractor's employee forgets to shred first, then haul
Rex Martinich reports: Hamilton’s James Dean Pharmacy has resolved the issue with its secure document disposal contractor after a number of prescription receipts were left beside Digby Rd earlier last month. The documents were strewn across 30 metre stretch of road on April 24 and the contractor responsible said the documents were retrieved on the…
Health IT: The De-Identification Question
Anne L. Kim writes: The rise of health apps has expanded the opportunities for individuals’ data to be used for research purposes, policy analysis, and so on. But what are the complexities involved with making sure people are “de-identified” from their own data, so their privacy can be protected? At an FTC workshop today on consumer-generated…
Update: Edgewater Medical Center's Old Patient Records Hauled Out, Will Be Shredded
Benjamin Woodard follows up on a situation I noted on this blog in 2013 involving medical records that were abandoned over a decade ago at Edgewater Hospital in Chicago: Demolition crews this week began removing loads of old patient medical records from the vacant Edgewater Medical Center, a month after city inspectors criticized the lack of…