From HHS, a bulletin concerning a settlement following a malware incident in 2011 that might have been avoided had the covered entity updated and patched their software: Anchorage Community Mental Health Services (ACMHS) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule with the Department…
Category: Uncategorized
VA: Woman sentenced for stealing identities of patients
Scott Daugherty reports: A Suffolk woman was sentenced Monday to 5 years and 5 months in prison for her role in an identity theft scheme that targeted medical patients. The sentence is on top of a two year one Sheila Clark Lewis is already serving in Suffolk, as well as any sentence she might receive…
New detail emerges in NRAD data theft case
On December 4, after posting a press release from the D.A.’s office announcing the arrest of a physician for stealing PHI on 97,000 patients, I noted that we still had seen no statement about the physician’s possible motive. Now Marianne Kolbasuk McGee reports that the physician “told authorities that he accessed and copied the NRAD…
When should your genetic information trump your right to privacy?
Adam Wernick reports: If you agree to participate in a genome research study, what happens if the researchers find a risky gene in your sequence? Do they have an obligation to tell you? What if you don’t want to know? And what about your family members, who might share that problematic gene with you? Do they have…
NY: WellCare informs Medicare subscribers of data breach
Patti Singer reports: Some personal information of a few dozen Monroe County residents who are Medicare subscribers with WellCare Health Plans recently was mishandled by a subcontractor for the insurer. In late November, WellCare sent letters to 47 people affected in Monroe County, telling them the breach did not include Social Security numbers or any…
NY: Suits continue following Samaritan Hospital breach
Bob Gardinier reports an update to a breach of Samaritan Hospital patient records that began in 2008, was first discovered in November 2011, and was not disclosed until March 2013. Lawsuits by those whose information was improperly viewed using a connection from the county jail nurse’s office to the hospital filed suit in September 2013. Rensselaer County has…