Healthcare Information Security

HIPAA Administrative Safeguards

Data Breach News: Cone Health Mailing Error; New Calif. Law

by Patrick Ouellette

Cone Health of Greensboro, N.C. has alerted 2,076 Southeastern Heart and Vascular Center patients that their data was compromised as a result of a mailing error. Wfmynews2.com reports that a clerical mistake led to letters, which included patient...

Ponemon study analyzes data breach preparedness trends

by Patrick Ouellette

The Ponemon Institute’s Second Annual Study on Data Breach Preparedness gauged 567 cross-vertical executives’ confidence in their organizations’ ability to respond to data breaches. Compared to last year’s findings, organizations...

Medical practice notifies 3,000 patients of data breach

by Patrick Ouellette

Owensboro Medical Practice is currently conducting an internal investigation into a data breach that exposed 3,000 patients’ data. There are conflicting reports on the scope, in terms of the involvement of a business associate (BA), and...

Duke Health System notifies patients of data breach

by Patrick Ouellette

Duke University Health System recently announced that it experienced a patient data breach on July 1 when an unauthorized person stole an unencrypted thumb drive from an administrative building. According to the patient notice on the Duke website,...

Children’s Mercy Hospital notifies employees of data breach

by Patrick Ouellette

Children’s Mercy Hospital of Kansas City, Mo. recently alerted 4,076 employees’ data may have been exposed in a breach involving its online scheduling application. According to the Kansas City Star, Children’s Mercy Hospital...

St. Joseph Health sends patient breach notification letters

by Patrick Ouellette

Among the items that can be lost in the mix when one healthcare organization takes over another is security and compliance. St. Joseph Health recently took over the former Redwood Regional Medical Group’s imaging center and has taken responsibility...

Access Health CT announces patient data breach

by Patrick Ouellette

The Connecticut state health insurance exchange, Access Health CT, is handling a patient data breach that occurred when its vendor Maximus’s employee lost a backpack containing 413 patients’ information in a deli. According to the...

Data breach may affect all 62,000 UPMC employees

by Patrick Ouellette

Another healthcare data breach involving employees continues to grow, as the range of employees affected by the University of Pittsburgh Medical Center (UPMC) breach has grown from a reported 27,000 to potentially all 62,000 employees, according...

Hurley Medical Center notifies employees of data breach

by Patrick Ouellette

Hurley Medical Center is in the process of dealing with an employee data breach that was a result of an error made while the organization was working to resolve payment errors with its health plan. According to mlive.com, an email attachment...

ProMedica Bay Park Hospital announces data breach

by Patrick Ouellette

ProMedica Bay Park Hospital of Oregon, OH is in the process of alerting more than 500 patients that their protected health information (PHI) had been breached after an internal employee inappropriately gained access to the information. According...

L.A. County boosts encryption policies after data breach

by Patrick Ouellette

Most often out of necessity, a healthcare organization that has just endured a data breach will comprehensively review its privacy and security procedures. The most recent example of these ramped-up efforts is the ongoing Los Angeles County Department...

Elliot Hospital notifies more than 1,200 patients of breach

by Patrick Ouellette

After an Elliot Hospital employee’s car was broken into and four computer workstations were stolen from the vehicle on March 27, the hospital alerted more than 1,200 patients that their data had been exposed. Though, according to unionleader.com,...

Medical center not liable for breach; Humana reports breach

by Patrick Ouellette

Unencrypted devices continue to plague healthcare organizations, as healthcare insurance provider Humana is in the process of notifying 2,962 patients that an unencrypted USB drive and encrypted laptop with patient data stored on them were stolen...

HIPAA Security Rule compliance needs: Administrative safeguards

by Patrick Ouellette

The HIPAA Security Rule focuses on securing electronic protected health information (ePHI) and is essentially split into administrative, technical and physical safeguards. Seeing as New York and Presbyterian Hospital (NYP) and Columbia University...

L.A. County tacks on 3,497 patients to Sutherland data breach

by Patrick Ouellette

The patient data breach that involved Sutherland Healthcare seems to be a never-ending saga for the Los Angeles County Department of Health Services (DHS). After adding 170,200 patients to the list of those affected back in April, DHS has tacked...

Boulder Community Health reviews paper PHI record exposure

by Patrick Ouellette

After a reported HIPAA violation, Boulder Community Health (BCH) of Colorado is in the process of investigating its third patient data breach since 2008, according to The Daily Camera. The context of the breach is a bit bizarre in that, unknown...

Employees file class suit against UPMC following data breach

by Patrick Ouellette

Employees affected by the University of Pittsburgh Medical Center (UPMC) data breach have filed a class action lawsuit against UPMC and its payroll vendor, Ultimate Software Group. The suit says that UPMC and the vendor breached its duty to protect...

HHS deals out largest-ever $4.8M HIPAA violation settlement

by Patrick Ouellette

The Department of Health and Human Services (HHS) announced yesterday that it had handed out $4.8 million worth of HIPAA fines to New York and Presbyterian Hospital (NYP) and Columbia University (CU) after they submitted a joint breach report...

OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint

by Patrick Ouellette

The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding CtW’s patient privacy...

Molina Healthcare contractor mail error exposes patient data

by Patrick Ouellette

Molina Healthcare, a multi-state healthcare organization, reported on Friday that a postcard mailing error in March had resulted in 5,261 former members’ Social Security numbers being inadvertently exposed. According to the Albuquerque...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks