[Update: The Irving incident affected 2,308 and the McKinney incident affected 1,253. Baylor Health declined to discuss their internal security policies, so we do not know if the doctors were violating any policy by having unencrypted PHI in their email accounts or if Baylor Health permits this.] Original article: After posting the two phishing reports from Baylor…
Search Results for: patient
HealthTexas Provider Network also affected by phishing scheme
So I had no sooner finished posting the Baylor phishing incident in Texas, where I questioned whether that phishing incident might be related to a successful phishing attempt involving physicians in the Franciscan Medical Group, when I discovered a third phishing incident that also occurred on January 23. This one involved the HealthTexas Provider Network…
AU: Prescription records found strewn in street after contractor's employee forgets to shred first, then haul
Rex Martinich reports: Hamilton’s James Dean Pharmacy has resolved the issue with its secure document disposal contractor after a number of prescription receipts were left beside Digby Rd earlier last month. The documents were strewn across 30 metre stretch of road on April 24 and the contractor responsible said the documents were retrieved on the…
Additional information on Susquehanna Health breach
On April 22, I noted that Susquehanna Health had notified HHS that 657 patients were affected by a breach on December 5, 2013 involving “Unauthorized Access/Disclosure, E-mail.” I could find no statement on their website at that time. I still can’t find one, but their report to the Maryland Attorney General’s Office provides the missing details. On December…
OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint
Patrick Ouellette reports that OCR has dismissed a complaint filed about Walgreens “Well Experience” program. The complaint was mentioned previously on this blog: The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding…
Internet exposure breach results in $4.8 million HIPAA settlements
From HHS, a press release concerning a settlement arising from a breach previously covered on this blog: Two health care organizations have agreed to settle charges that they potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules by failing to secure thousands of patients’ electronic protected health information…