On April 22, I noted that Susquehanna Health had notified HHS that 657 patients were affected by a breach on December 5, 2013 involving “Unauthorized Access/Disclosure, E-mail.” I could find no statement on their website at that time. I still can’t find one, but their report to the Maryland Attorney General’s Office provides the missing details. On December…
Category: Uncategorized
Back at FTC vs. LabMD
In this week’s developments, the FTC has filed its response/opposition to LabMD’s motion for summary decision. In other matters, the administrative law judge has denied LabMD’s motions in limine to exclude two expert witness’s testimony, noting that such exclusion would be premature and consideration of what should be excluded needs to be decided within the…
OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint
Patrick Ouellette reports that OCR has dismissed a complaint filed about Walgreens “Well Experience” program. The complaint was mentioned previously on this blog: The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding…
Police Access to Prescription-Drug Records Gets Tougher
Joe Palazzolo reports: For years, police across the country have had little trouble gaining records of prescription drugs used by individuals they suspect of committing a crime. But some courts and legislators are starting to restrict the data, citing privacy concerns. Law-enforcement officials say easy access to databases of prescriptions for controlled substances is crucial…
Ca: New rules to require immediate warnings when health data breached
Keith Gerein reports: Outrage over the handling of Alberta’s largest-ever breach of private health information has prompted new legislation that will force companies to immediately raise the alarm if a similar incident happens again. Health Minister Fred Horne said amendments to the Health Information Act will require custodians of health information to disclose any breach…
UMass Medical Center alerts patients to insider data theft that may date back to 2002
Posted on the website of University of Massachusetts Medical Center: Important Privacy Incident Notice for UMass Memorial Medical Center Patients UMass Memorial Medical Center (UMMMC) is committed to protecting the privacy and confidentiality of patient information. Regrettably, this notice concerns an incident involving some of that information. On March 6, 2014, we learned that an employee…