Accessing Medical Records Without Authorization Leads to Hospital Employee Being Sacked
The medical histories of 769 patients at Lowell General Hospital have been accessed by an member of staff without any valid work reason. By accessing the medical records, the member of staff breached the Massachusetts- based hospital policies and violated the privacy of hospital patients. Once the breach was discovered, and completion of the following investigation, the employee was fired. Lowell General Hospital was content that only...
Healthcare Worker Stole PHI of 28,000 Health Care Services Patients
Private documents holding the PHI of patients have been stolen by a former employee of the Center for Health Care Services (CHCS) in San Antonio, a provider of mental health treatment and support services for patients with intellectual and developmental disabilities. Notifications of the breach have been sent to 28,434 patients who received care at CHCS before the summer of 2016. The breach of PHI was only found on November 7, 2017,...
Pennsylvania Obs/Gyn Clinic PHI Breach Reported
Paper files from Women’s Health Consultants, an obstetrics and gynecology practice that had centers in South Whitehall Township and Hanover Township, PA have been dumped at a recycling center in Allentown, Pennsylvania. The files – containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases – seem to have come from the firm which is no longer...
Multiple Breaches Lead to $2m Fine for Cottage Health
Cottage Health, the Santa Barbara-based healthcare provider, will pay $2 million to resolve multiple violations of state and federal laws as per a directive from the California attorney general’s office. The group was examined by the California attorney general’s office in relation to a breach of private patient data back in 2013. The breach of data was found by the organization on December 2, 2013, when someone made the healthcare...
Blue Cross and Blue Shield of Florida Breach Impacts Almost 1,000 People
Blue Cross and Blue Shield of Florida, dba Florida Blue, has announced to the public that the personally identifiable information of a small number of insurance applicants has been improperly accessed online. Florida Blue discovered to the exposure of patient data in late August 2017 and immediately initiated a review. Florida Blue reports that the showed that 475 insurance applications had been saved to the cloud by an unaffiliated...
New Jersey Medical Practice has Boxes of Medical Records Stolen
Otolaryngology Associates of Central Jersey is making contact with patients to advise them of breach of their protected health information, following a theft at an off-site storage service in East Brunswick, NJ. The thieves removed thirteen boxes of paper medical records from the service, which included data like names, addresses, health insurance account numbers, birth dates, dates of military duty served, and the names of treating...
Cook County Health Patients Affected by Data Breach
Illinois-based Cook County Health and Hospitals System, a health system comprising two hospitals and more than a dozen community health centers in Cook County, has advised its patients of a possible breach of their protected health information. The breach was experienced at the offices of Experian Health, a business associate of Cook County Health and Hospitals System. Experian Health is utilized to determine insurance eligibility and...
Ransomware Attack Affects 8,750 Patients According to Aging Agency
East Central Kansas Area Agency on Aging (ECKAAA), an Ottawa-based body, has reported that a ransomware attack has resulted in the encryption of files on one of the agency’s servers, and files were exposed that contained the protected health information (PHI) of approximately 8,750 patients. The cyberattack happened on September 5, 2017 and was immediately identified by ECKAAA, which took swift moves to limit the spread of the...
Breach of PHI at Texas Children’s Health Plan After Staff Member Sent Emails to Personal Account
A breach of HIPPA has occurred at the Texas Children’s Health Plan after it has been found that the protected health information (PHI) of 932 clients has been emailed to the personal private email account of a former member of staff. The violation of privacy was incident was first seen on September 21, 2017, although it was discovered that the former member of staff emailed the private data in November and December 2016. The emails...
PHI of 8,000 Patients Possibly Breached in Office Break In
An office break in and subsequent computer theft has lead to the possible exposing of the protected health information (PHI) of up to 8,000 clients of Brevard Physician Associates. has been exposed after a desktop computer was stolen in a burglary. The break in happened on Labor Day September 4, 2017 when Brevard Physician Associates business premises was closed. Thieves gained access to the offices early that morning and illegally...
IT Governance, Cyber Security Policies and Defenses Highlighted in ISACA Research
According to the findings of recent research carried out by Information Systems Audit and Control Association (ISACA), cyber security and defenses pose the largest challenges to corporate governance. Boards of directors and team leaders have also failed to implement an ideal correlation between business and information technology targets. 69% of the respondents in the survey stated that they feel believe that there is no of connection...
128,000 Arkansas Patients Attacked with Ransomware
128,000 patients at the Arkansas Oral Facial Surgery Center in Fayetteville have had their private information potentially impacted following a a ransomware. Ransomware was believed to have been placed on its network between July 25 and 26, 2017. The attack was identified quickly, although not before files, x-ray images, and documents had been encrypted. The incident did not break through the encryption of its patient database, except...
Medical Records Illegally Acccessed at PeaceHealth Over Six-Year Period
It has been discovered that the medical records of almost 2,000 patients was illegally accessed by a former employee at PeaceHealth, a not-for-profit Catholic health system based in Vancouver, WA. The unauthorized access was identified by PeaceHealth on August 9, 2017, leading tyo an investigation. PeaceHealth found the inappropriate access started in November 2011 and went on until July 2017. The inquiry revealed that Social Security...
1,140 Patients Have Private Data Exposed at Our Lady of the Angels Hospital
An investigation has show that a former member of staff obtained the medical records of 1,140 patients without authorization at Our Lady of the Angels Hospital. The former staff member had been granted access to the protected health information in order to conduct work duties; however, hospital staff found that the employee was accessing medical records without any acceptable work reason for doing so. The unauthorized access was found...
Mercy Health Love County Hospital Breach Might Have Exposed Records of 13,000 Patients
The personal data of more than 13,000 patients at Mercy Health Love County Hospital in Oklahoma may have been breached. On June 23, 2017, the hospital found that an employee had stolen a laptop computer and paper records from a storage unit which was owned by the hospital. The breach notice broadcast by Mercy Health revealed that the records of 10 patients were taken from the device along with the laptop. The theft of PHI was first...