California’s Department of Public Health (CDPH) has fined nine hospitals this year for failure to prevent unauthorized access to patient medical information, as required by Section 1280.15 of California’s Health and Safety Code. The fines were issued for breaches reported in previous years. Frustratingly, the state’s web page that reports the penalties and underlying reports…
Search Results for: HCA
Six fired from Cedars-Sinai over patient privacy breaches
Anna Gorman and Abby Sewell report that five employees and a student research assistant at Cedars-Sinai Medical Center have been fired for inappropriately accessing 14 medical records in a one-week period last month. Four were employees of community physicians who have medical staff privileges at the hospital, one was a medical assistant employed by Cedars-Sinai, and…
Shining some light on medical privacy and security breaches in California; over 13,000 reported in 3+ years
The California Department of Public Health recently added a breach report to its web site involving California Hospital Medical Center – LA. According to their report of November 2010, in May 2010, the police department discovered face sheets with 102 patients’ names, financial, insurance, and diagnostic information in the trunk of a patient accounts representative’s…
Breach-related lawsuit against Adventist Health dismissed for lack of subject matter jurisdiction
Law360 reports that Adventist Hospital System/Sunbelt Inc. succeeded in getting a federal court to dismiss a potential class action lawsuit against it. As noted previously on this blog, the lawsuit stemmed from employees at Florida Hospital Celebration selling patient information. Adventist had moved to dismiss Richard Faircloth’s lawsuit on grounds that the federal court lacked…
llinois health agency notifies 3,100 Cook County residents of mailing error disclosing PHI
WLS reports: The Illinois Department of Healthcare and Family Services says information on about 3,100 clients in Cook County may have been released. It says a managed care contractor accidentally sent client ID cards to the wrong addresses. The personal information on the Family Health Network ID card included member name, state issued Medicaid number…
U.K.: Fax blunder leads to £55,000 penalty for Staffordshire trust
The Information Commissioner’s Office (ICO) has issued a monetary penalty of £55,000 to North Staffordshire Combined Healthcare NHS Trust. The penalty follows a serious breach of the Data Protection Act which resulted in sensitive medical details of three patients being sent to a member of the public. The details were released between August and September 2011 when…