The following is Castro Valley Health’s notification. It sounds like they may have learned about this years-long exposure incident from HHS/OCR after someone notified HHS. The incident is not yet on HHS’s public breach tool. June 5 — Castro Valley Health, Inc. has become aware of a data security incident that may have involved some personal…
Search Results for: patient
University of Utah patients notified after phishing incident compromised employee email accounts
David Wells reports: Some of University of Utah Health’s patients are receiving notice that their private information may have been compromised in a recent email security breach. According to U of U Health, some of its employees’ email accounts were compromised in phishing schemes, resulting in unauthorized access of those accounts between April 6 and…
TN: The Little Clinic notifies more than 10,000 patients after discovering glitch in online appointment system
The following is a press release: NASHVILLE, Tenn.May 22, 2020– The Little Clinic (TLC) announced today that patients could have had their protected health information (PHI) accessed due to a failure in TLC’s online appointment functionality. The Little Clinic made the discovery internally and found if a patient made an appointment and modified that appointment online,…
PA: Ex-Geisinger employee accessed hundreds of patients’ info improperly
From their notice of May 18: WILKES-BARRE, Pa. – Geisinger Wyoming Valley Medical Center has notified certain patients that their protected health information (PHI) may have been accessed by an individual employee in a non-permitted manner. On March 20, 2020, Geisinger’s Privacy Office was alerted to a Geisinger Wyoming Valley employee possibly accessing medical records without…
PsyGenics notifies patients after discovering employee emailed patient info to her personal email account
Michigan-based PsyGenics, Inc. provides holistic mental health services to individuals diagnosed with intellectual and developmental disabilities. On March 25, during a routine security review, they discovered that an employee had emailed files to her personal email account on March 24 — and the spreadsheet contained patients protected health information: name, diagnosis code, appointment time, and…
Indiana Court of Appeals reinstates patient’s lawsuit against a hospital for breach by employee
There’s an update on a lawsuit filed in 2018 that I knew nothing about concerning a breach that occurred in 2017 that I knew nothing about. It’s been one of those days. Thankfully, reporting by Dave Stafford of the Indiana Lawyer showed up in my searches today: A divided Indiana Court of Appeals has reinstated…