Rady’s Children Hospital in San Diego has been notifying patients whose information was accessed without authorization via an open port on the Internet. According to their notification, reproduced below, the unauthorized access first occurred on June 20, 2019, and was discovered on January 3, 2020. They do not explain how they first became aware of…
Search Results for: patient
PIH sued after notifying patients of phishing attack that could have exposed their protected health information
On January 24, I posted a breach notification from PIH Health with a commentary on how long it took from the time of the phishing attack to notification of almost 200,000 potentially affected patients. There was nothing in their notification, however, that suggested that patients had actually had their protected health information stolen or misused….
Personal health information of nearly 2,900 Queen’s patients sent to wrong email address
The Star Advertiser reports: An employee sent an email containing personal health information for 2,852 patients of The Queen’s Medical Center and Queen’s North Hawaii Community Hospital to the wrong address on Feb. 3, Queen’s officials announced today. No Social Security numbers or financial account information was included, so patients’ financial security is not at…
Ste-Justine hospital employee fired after patient files consulted without authorization
Canadian Press reports: An employee of Ste-Justine hospital was fired after she consulted “without justification” the medical files of 344 patients, some of them employees, the hospital announced on Friday. The hospital said it had also filed a complaint with police against the ex-employee, who worked in one of its clinics. Read more on Montreal…
CA: VibrantCare Rehabilitation notifies patients after employee email account compromised
VibrantCare Rehabilitation in California recently notified 1,655 patients after an employee’s email account was accessed. They notified HHS on February 8 and posted this notice on their website: ABOUT THE INCIDENT VibrantCare Rehabilitation, Inc. (“VibrantCare”) is providing notice to individuals of an incident that may have affected the security of some information relating to certain…
United Regional sends letters to patients about information breach
News6 in Texas reports that United Regional Health Care System has disclosed an incident that occurred last July when someone accessed an employee email account. It was only in December that they first confirmed that patient information could have been accessed in the email account, even though there was no direct evidence that it had…