Back in May, I noted that University of Rochester Medical Center was notifying 3,000 patients because a departing employee had taken patient information with her for her new employer to use to recruit patients. Now NYS Attorney General Schneiderman has announced a settlement with URMC over the HIPAA breach. The settlement requires the center to pay a $15,000…
Search Results for: "University of Rochester Medical Center"
University of Rochester Medical Center notifies patients of misplaced USB drive
The University of Rochester Medical Center has sent letters to a group of former orthopaedic patients, alerting them to the loss of protected health information. Earlier this week, URMC notified 537 patients that a resident physician misplaced a USB computer flash drive that carried protected health information. The flash drive was used to transport information…
Failure to Encrypt Mobile Devices Leads to $3 Million HIPAA Settlement
From HHS OCR: The University of Rochester Medical Center (URMC) has agreed to pay $3 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules….
Server cleanup at URMC renders 2.6M archived files useless
Patti Singer reports: A mishap during routine server cleanup at the University of Rochester Medical Center several months ago has made it impossible for staff in the affected departments to open 2.6 million files. The files were on a server used by finance, research and operations to archive documents that had not been used for at…
New York State suspends ex-URMC nurse who shared patient info with her new employer
Patti Singer reports: A nurse practitioner who three years ago took a list of patients when she left employment at the University of Rochester Medical Center and brought the names to her new employer has been suspended from practice, according to the New York State Education Department Office of the Professions. Martha C. Smith-Lightfoot was…
NY: Nurse took patient info to new employer (and no, it’s not the Jacobi Medical Center breach)
For the second time this week, we learn that a departing employee took information to their new job. First it was the Jacobi Medical Center case, where the employee’s motives were reportedly innocent: she wanted the information in case she ever had to follow-up on work she had done. Now it’s the University of Rochester Medical Center, where…