Another exposure breach of transcription records from a medical practice: On December 13, 2014 Mercy Medical Center Redding Oncology Clinic discovered that transcribed physician progress notes containing your demographic and treatment information for services provided during June – October 2014, were publically accessible on a third party website. Upon discovery the third party removed the…
Category: Uncategorized
Stolen Northwestern Memorial Healthcare computer had information of 2,800 patients
Carlos Sadovi reports: Nearly 3,000 patients are being notified that a laptop computer stolen in October contained health information from patients of the Northwestern Memorial Healthcare group, hospital officials said Friday The 2,800 people had been patients of Northwestern Medicine Lake Forest Hospital, Northwestern Memorial Hospital and Northwestern Medical Group, officials said in press release…
Former Owensboro Medical Health System employee pleads guilty to misusing patient info
There’s an update to a breach PHIPrivacy.net reported in November 2013 involving a billing specialist at Owensboro Medical Health System who used patients’ information to secure loans from online lenders for her own use. This was a criminal prosecution under HIPAA, although there were also other counts under other federal statutes. The Messenger-Inquirer reports that Ilene…
Boston Children’s Hospital Settles Data Breach Allegations
There’s an update to an incident involving a lost laptop with PHI on over 2,100 patients at Boston Children’s Hospital. Massachusetts Attorney General Martha Coakley, who has been one of the most active state attorneys general in terms of pursuing breaches, issued the following press release: Boston Children’s Hospital (BCH) has agreed to pay $40,000 and…
Elmore prison clerk sentenced in massive identity theft
Rick Harmon reports: Sasha Webb, a medical records clerk at an Alabama Department of Corrections facility in Elmore County, was sentenced Thursday to serve almost six years in federal prison for her involvement in a stolen-identity, tax-fraud scheme. She was also ordered to serve three years of supervised release following her prison sentence and to…
UK: Caerphilly County Borough Council signs undertaking after covertly surveilling employee out on sick leave
A council that ordered covert surveillance on a sick employee must review its approach after an Information Commissioner’s Office (ICO) investigation. The ICO found the Council breached the Data Protection Act when it ordered the surveillance of an employee suspected of fraudulently claiming to be sick. From the undertaking, this summary of what happened: The…