Critical Care, Pulmonary & Sleep Associates in Colorado has notified 23,377 patients of a privacy incident. Their on-site notice offers a useful reminder that while bad actors may be seeking to engage in financial theft or fraud, when files with ePHI are connected to employee email accounts, patients and HHS may wind up needing to be…
Search Results for: patient
Valley Hope Association notifies patients after employee email hack
Note: VHA’s notice on their web site emphasizes that no diagnostic or treatment information was exposed. Given the nature of this provider, that will be a relief to many patients. Because this incident is not yet posted on HHS’s public breach tool, we do not yet have the number being notified. The following is VHA’s…
PHI of 1,002 Lebanon VA Medical Center Patients Exposed in Email Error
HIPAA Journal reports: Lebanon VA Medical Center in Pennsylvania has discovered the protected health information of hundreds of elderly patients has been impermissibly disclosed to a family member of a veteran. In November 2018, a member of staff at Lebanon VA Medical Center emailed a document to a family member of a veteran who was…
All-Star Orthopaedics Provides Notice of Patient-Data Breach
Dallas, TX, January 18, 2019 –(PR.com)– All-Star Orthopaedics is notifying individuals that a hard drive with patient data was stolen on November 20, 2018. At this time, All-Star Orthopaedics has no indication that the private information has been accessed or misused. On November 20, 2019 (sic), All-Star Orthopaedics discovered a hard drive containing x-rays and…
DoD Health Agency Security Flaws Put Patient Data at Risk, OIG Finds
Jessica Davis reports: The Department of Defense Health Agency (DHA) failed to consistently implement security measures to protect the systems that stored, processed, and transmitted electronic health record and patient information, according to a DoD Office of Inspector General report released this week. The report found DHA and Army officials didn’t enforce the use of Common…
Ouch: Patient records found years later in his home by a former spouse of a former Hanger Clinic employee
Hanger Clinic in Florida posted the following undated notice on their site. DataBreaches.net had emailed them to ask when the notice was issued and how many patients were notified, but has received no reply as yet. Nor is this incident on HHS’s breach tool as of the time of this posting: This Notice applies only…