The Information Commissioner’s Office (ICO) has found Betsi Cadwaladr University Health Board in breach of the Data Protection Act after sensitive information was sent to the wrong address. The information was disclosed when eight letters about patients were sent to one of the people affected in July 2013. The letters should have been sent to…
Search Results for: patient
Plastic Surgeon May Pay for Sharing Patient's Pics
Jeff D. Gorman reports: A woman whose plastic surgeon gave her before-and-after photos to a television news reporter may have a case for negligence, a Utah appeals court ruled. Dr. Renato Saltz performed surgery on Conilyn Judge’s breasts and torso in 2006. Two years later, a reporter contacted Saltz for a story on how to…
IN: St. Vincent Breast Center sends 63,000 letters to wrong patients
Kate Taylor reports: St. Vincent Breast Center officials said patient’s health information may have been compromised after they sent around 63,000 letters to the wrong patients. The letters included patient names, addresses, and in some cases, a reference to a scheduled appointment. Officials said none of the letters included social security numbers, financial information or…
Update: No criminal charges to be filed in Bay Park patient data breach case
Amulya Raghuveer reports: Oregon Police said Friday that they will not file charges against a ProMedica employee after a criminal investigation into a breach of patient data at Bay Park Hospital. The security breach, which was announced by ProMedica in May, was suspected to have compromised personal health information for nearly 600 patients at the…
Salina Family Healthcare Center notifies 9,640 patients after email attachment error
A recent update to HHS’s public breach tool revealed an incident involving Salina Health Education Foundation (d/b/a Salina Family Healthcare Center) in Kansas. The April 8th incident affected 9,640 patients and was coded as “Unauthorized Access/Disclosure E-mail.” A statement dated June 2 explains: Salina Family Healthcare Center (SFHC) notified more than 500 patients of an unintentional transmission of unsecured…
CA: Riverside County Regional Medical Center notified 563 patients about missing laptop with PHI
Here’s yet another case involving a missing (presumed stolen) laptop with unencrypted PHI that was used with a medical device, but seemingly not physically secured enough. This breach involves the Riverside County Regional Medical Center. I recently reported a similar type of breach at a VA medical center in Denver. The following statement was posted on the hospital’s website today: Hospital Patients…