On August 7, Central Utah Clinic, P.C. posted a breach notification on their web site: PUBLIC NOTICE: Potential Central Utah Clinic HIPAA Breach PROVO, Utah. (Aug. 7, 2014) — Central Utah Clinic is committed to the protection of patient privacy and is notifying 31,677 patients, by letter, of a potential personal health information breach. On…
Administrative law judge denies LabMD's motion to sanction FTC
As I noted on August 28, the FTC had responded (pdf) to LabMD’s motion for sanctions (pdf) in FTC v. LabMD. On September 5, Administrative Law Judge Chappell denied LabMD’s motion. After summarizing the allegations and the FTC’s response, Judge Chappell writes: To support its Motion, Respondent asserts as fact numerous matters that are disputed by Complaint Counsel….
NY: Port Jefferson parents get wrong exam scores
Schools re-opened on Long Island right after Labor Day, and look, we already have a privacy breach. Elana Glowatz reports: Port Jefferson school district Superintendent Ken Bossert assured the community on Tuesday that an error that sent state test scores to the wrong households was a one-time occurrence. Many middle school parents visited the district…
OCR: Be prepared for HIPAA audits
Tom Sullivan writes: When the Office for Civil Rights knocks on your door, asking about HIPAA compliance, it pays to be ready. And OCR is looking to audit providers ranging from large to small, and across a wide geographical distribution. That’s according to OCR’s senior advisor for health information privacy Linda Sanches. Speaking at the HIMSS Media…
Ca: Tip leads to notification of security lapse
Disclosing breaches shouldn’t be optional – regardless of whether we’re talking about the U.S., Canada, or the EU. Ellen Roseman writes: Do you have a right to be notified if your confidential data is exposed to others online? Only Alberta has mandatory security breach reporting. The federal government and some provinces are trying to change…
Ca: North York hospitals post notices to patients after privacy breach
I’ve noted this breach before, but it’s interesting that the privacy commissioner has ordered the hospitals to post notices on their web sites. Lisa Queen reports: Humber River Hospital and North York General Hospital were required by the provincial privacy commissioner to post notices on their websites advising maternity patients that their personal information may…