Let’s remember that k-12 school districts often maintain medical information on their employees, as this notification from Victoria Independent School District in Texas reminds us. In this case, some employee email accounts were inappropriately accessed between July and October 2017. Some of the emails in those accounts contained employees’ personal information, including “name, address, Social…
Category: U.S.
MedWatch LLC notifies members whose protected health information was exposed on the internet
Florida-headquartered MedWatch, LLC is a care management company, providing risk management solutions to the self-funded health plan market. On or about April 13, they started notifying their clients’ health plan members after learning that a vendor misconfiguration error had exposed protected health information between October 20, 2017 and December 15, 2017. MedWatch did not name…
Polk County Health Services notifies mental health patients of breach that began in 2014
Polk County Health Services, Inc., in Iowa recently started notifying 1,071 patients seen at the Crisis Observation Center in Des Moines, Iowa between June 1, 2014 and January 11, 2018. According to a statement issued on April 13, Polk County Health Services, Inc. “accidentally and unknowingly disseminated” personal and protected health information for patients seen during that…
NC: Healthcare employee gave patient information to fraud suspects, police say
WSOC reports: Patients’ Social Security numbers, dates of birth and names were all handed over to fraud suspects by a Carolina Digestive Health Associates employee. In their search warrant, police said she admitted to sharing around 100 people’s personal information to fraud suspects. She also agreed to let detectives check her phone, and the warrant…
Ex-Berkeley Medical Center employee to pay more than $22K in restitution in patient-ID theft
Matthew Umstead reports: A former Berkeley Medical Center employee was ordered Monday by a federal judge to pay more than $22,000 in restitution stemming from allegations that she obtained hospital patients’ information to open credit card and other financial accounts. Angela Dawn Roberts, aka Angela Dawn Lee, 42, of Stephenson, Va., who pleaded guilty in…
Deeper Dive: Take Action to Close the Largest Cause of Data Security Incidents – Your Employees
David Kitchen writes: If you work at a typical company, employee actions and inadvertent disclosures present the greatest threat to the security of your data. Therefore, providing proper training and technical safeguards is one of the most important means to enhance your company’s security profile. In BakerHostetler’s newly-released 2018 Data Security Incident Response Report, we…