Add Jersey City Medical Center to entities experiencing an e-mail breach of PHI. From their statement of April 20, 2015: On February 19, 2015, as part of routine hospital operations, an employee of Jersey City Medical Center accidentally sent an e-mail meant for internal use that included an attached spreadsheet with some patient information to…
Search Results for: patient
United Recovery Group notifying patients of HIPAA privacy breach (updated)
Florida-based Unity Recovery Group is notifying patients of a HIPAA breach that involved disclosure of their protected healthy information to providers outside their network without prior written consent. The breach apparently began in April 2014 and continued for a full year, until it was discovered in April of this year, as their letter explains: We…
Beacon Health System notifies patients after phishing attack (update2)
The following press release was issued on May 22 by Beacon Health System. Note the attempt to characterize this as a “sophisticated” attack. That’s PR-speak for “our employees fell for it.” Of note, it appears that this attack went back to November 2013. Was there any audit between then and now that could have detected…
ISIS hackers take over local healthcare website; company tries to assure patients their info is safe
James Ford reports: It’s a hazard that could affect anyone with an internet connection, and it comes courtesy of the terrorist group ISIS. Hundreds of people in the tri-state who logged on to their healthcare provider’s website Thursday night and Friday got a very unhealthy shock. An ISIS-supporting group had hacked in, leaving many people…
NY: Nurse took patient info to new employer (and no, it’s not the Jacobi Medical Center breach)
For the second time this week, we learn that a departing employee took information to their new job. First it was the Jacobi Medical Center case, where the employee’s motives were reportedly innocent: she wanted the information in case she ever had to follow-up on work she had done. Now it’s the University of Rochester Medical Center, where…
Medical Management LLC’s insider breach impacts patients of 40 providers (Update2)
Update: NorthJersey.com reports that the “Medical Management LLC” involved in this breach is based in North Carolina. One rogue employee at Medical Management LLC is resulting in 40 of the billing company’s clients having to notify patients. Medical Management is handling the notifications (template), but even so, this is not the way hospitals want to be in…