Protenus, Inc. has released its February Breach Barometer, with its analysis of 39 health data incidents compiled for them by this site. As I have done in companion posts to their previous reports, I am providing a list, below, of the incidents upon which their report is based. Where additional details are available, I have…
Search Results for: HCA
DocuTrac medical software is a breach risk, warns Rapid7
Warwick Ashford reports on what seems to me to be yet another case of hard-coded credentials creating a critical vulnerability in protecting patient data, and I, of course, have questions. Ashford reports: The QuicDoc & Office Therapy suite of software produced by DocuTrac contains security vulnerabilities that could allow attackers to gain control of patient…
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
Verizon 2018 Protected Health Information Data Breach Report
From Verizon: We’ve re-examined the data within our Data Breach Investigations Report (DBIR) series (2016 and 2017) to focus in on the healthcare sector’s unique profile and security challenges, and particularly the use/abuse of protected health information (PHI). Our 2018 Protected Health Information Data Breach Report (PHIDBR) is underpinned by 1,368 incidents from this caseload…
Survey: 18% of Health Employees Would Sell Confidential Data
Those who said they were willing to sell the data would do so for as little as between $500 and $1,000. Alexandra Wilson Pecci reports: Patients trust their healthcare providers to keep their data safe, but according to a new survey, that trust might sometimes be misplaced. The Accenture survey found that nearly one in…
Jemison Internal Medicine discloses ransomware event
From their notification of February 16, 2018 to 6,550 patients, a reminder of the value of good backups. But yet another incident where investigation of a new incident uncovers evidence of a previously undetected intrusion: Privacy Event at Jemison Internal Medicine, PC Jemison Internal Medicine, PC (“JIM”) of Jemison, Alabama has advised its patients of…