Peter Bernard reports: Patients of the former Suncoast Hospital are worried bad guys may have their private information. A security guard is watching the decaying, old medical center. But it might be too late to keep personal medical records from being stolen. “My wife had three of the kids out there. And she also had cataract surgery at…
Category: U.S.
Guardian Jacksonville Notifies 11,521 Patients of Email Compromise of Protected Health Information
From their notice of March 30: Guardian Pharmacy of Jacksonville, LLC (“Guardian”) is notifying certain patients of the unauthorized access to certain limited pieces of patient information, including patient name, prescription medication information, treatment details, and diagnosis information. For a small number of individuals, this information also included Social Security numbers and health insurance information. …
NC: Diagnostic Radiology & Imaging notifies 800 patients of phishing incident in 2017
From their notice: Diagnostic Radiology & Imaging, LLC (or “DRI”) operates multiple imaging facilities in Greensboro, North Carolina under the names Greensboro Imaging and The Breast Center of Greensboro. On January 31, 2018, DRI became aware of an impermissible disclosure of limited health information about approximately 800 patients. An investigation revealed that on November 11,…
NYC Health + Hospitals/Harlem notifies 595 patients of missing laptop with their protected health information
From their notice of March 30, 2018: NYC Health + Hospitals this week began to notify 595 NYC Health + Hospitals/Harlem patients about the possible disclosure of some of their protected health information (PHI). The possible disclosure—a laptop computer missing from the facility—occurred on January 25, 2018, and was discovered on January 29. The PHI…
Personal information of 1 million potential college applicants ‘exposed inadvertently’
Emily Tate reports that a vendor in the higher education space exposed more than 1 million potential college applicants’ information due to a misconfigured rsync backup: The data — which included names, phone numbers, email addresses, home addresses, high school graduation years and, in a few cases, dates of birth and Social Security numbers —…
A covered entity’s responsibility to monitor a business associate is…. what?
There is yet another really informative post by Jeff Drummond of Jackson Walker. This one is about a CE’s responsibility to actively monitor a BA’s compliance. Jeff writes, in part: Lexology today led me to this article by Adam Green’s crew at Davis Wright Tremaine. It turns out, there is specific language in the December…