Healthcare Information Security

Data Breaches

Unauthorized PHI Access at Coney Island Hospital Impacts 3.4K

May 25, 2017 - On March 10, 2017, NYC Health + Hospitals at Coney Island discovered that it had suffered unauthorized PHI access occurring over the course of three months from December 2016 to March 2017. The incident involved a volunteer working in the Phlebotomy department at the Coney Island branch of the hospital. The individual had not been properly processed through Coney Island’s Human Resources...


More Articles

Unauthorized PHI Access at Coney Island Hospital Impacts 3.4K

by Kate Monica

On March 10, 2017, NYC Health + Hospitals at Coney Island discovered that it had suffered unauthorized PHI access occurring over the course of three months from December 2016 to March 2017. The incident involved a volunteer working in the Phlebotomy...

Texas Hospital Email Hack Exposes PHI of over 8K Patients

by Kate Monica

On February 21, 2017, an unauthorized individual accessed an employee email account containing PHI at Hill Country Memorial Hospital in Fredericksburg, Texas. Hill Country stated the email hack appears to be the result of intentional criminal...

Unauthorized EHR Access Potentially Exposes 14K Records

by Kate Monica

On February 27, 2017, the Diamond Institute for Infertility and Menopause discovered a potential data breach in which an unauthorized individual gained access to a third-party server containing patient EHRs. While the patient EHRs and the database...

PHI Security of 20K Possibly Affected from RI Laptop Theft

by Kate Monica

On February 25, 2017, Lifespan Corporation suffered a possible healthcare data breach in which an employee’s laptop was stolen. The theft occurred when an individual broke into an employee’s car and stole several items, including...

Stolen, Unencrypted Drive Causes Data Security Concern for 15K

by Kate Monica

Western Health Screening (WHS) recently issued a letter notifying individuals of a possible data security breach in which a WHS-owned vehicle containing an unencrypted jump drive was stolen. The jump drive contained the personal information of...

Kentucky Health Center Ensures PHI Security After Email Gaffe

by Kate Monica

On February 3, 2017, Women’s Care of Somerset (WCS) employees erroneously disclosed the email addresses of all recipients of an informative email regarding health-related services to the other recipients. According to a written press release,...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by Elizabeth Snell

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

55K Potentially Affected by Virus Encrypting Pediatric Servers

by Kate Monica

On February 6, 2017, ABCD Pediatrics discovered a virus had gained access to the healthcare organization’s servers and encrypted patient data. The Texas-based pediatric facility immediately contacted IT personnel to take all servers offline...

2016 Record Data Breach Year, Attackers Less Healthcare-Focused

by Elizabeth Snell

There were a record number of records compromised from data breaches in 2016, growing 566 percent in 2016 from 600 million to more than 4 billion, according to a recent IBM report. The 2017 IBM X-Force Threat Intelligence Index also found that...

Computer Virus Potentially Exposes PHI of 2.5K at OR Clinic

by Kate Monica

A technician at Lane Community College health clinic recently discovered a computer virus, which may have exposed the PHI of some patients, according to an online statement. The Oregon college health clinic stated the virus may have been sending...

VA University Health System Security Breach Impacts 2.7K

by Kate Monica

Virginia Commonwealth University (VCU) Health System recently discovered a data breach potentially impacted over 2,700 patients, according to an announcement in the Richmond Times-Dispatch. On January 10, 2017, VCU Health System became aware...

Multnomah County Health Department Suffers PHI Breach

by Kate Monica

On August 24, 2012, a Multnomah County Health Department employee automatically forwarded all emails from an employee county email account to a personal Google email account not maintained by the Oregon county. Some of these emails included PHI,...

Congress Concerned on Patient Privacy with Healthcare.gov

by Sara Heath

Republican Senate and House committee leaders are asking government officials to provide them with information regarding potential patient privacy issues and security incidents that occurred on Healthcare.gov, the website for statewide health...

Wal-Mart Pharmacy Coding Error Causes Healthcare Data Breach

by Sara Heath

Wal-Mart’s online pharmacy suffered a healthcare data breach last month after a software coding error led some customers to be able to view other customers’ data. According to a Reuters report, Wal-Mart underwent a 72-hour period...

$7.5M Healthcare Data Breach Settlement for St. Joseph Health

by Sara Heath

A class-action lawsuit against St. Joseph Health System for a 2012 healthcare data breach has been resolved, resulting in SJHS paying the class members $242 each, splitting the total settlement check of $7.5 million. According to court documents,...

Improper Disposal Leads to Potential Healthcare Data Breach

by Elizabeth Snell

Community Mercy Health Partners (CMHP) reported that patient records were found in a recycling dumpster on November 27, 2015. CMHP said it was contacted by law enforcement about the records, and that it immediately sent employees to the recycling...

Oregon Data Breach Notification Law Goes Into Effect

by Elizabeth Snell

A new Oregon data breach notification law went into effect on January 1, and requires businesses and government agencies to notify the state attorney general of a data breach affecting more than 250 state residents. The Oregon Consumer Identity...

FAS Discusses Federal and State Data Breach, Security Laws

by Sara Heath

It seems as though 2015 was the year of the data breach, especially in the healthcare industry. As a means to regulate these data breaches and ensure adequate notification to individuals whose information had been compromised, several pieces...

Boston Medical Center May Face Healthcare Data Breach Lawsuit

by Sara Heath

Boston Medical Center could potentially face a lawsuit after a Massachusetts Superior Court judge deemed that a plaintiff had legal standing to sue the organization following a healthcare data breach. According to a Mintz Levin law firm blog...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks