Healthcare Information Security

Healthcare Data Breach

Routine Audit Reveals PHI Data Breach for Md. Medical Center

by Elizabeth Snell

A Maryland medical center conducted a routine audit and discovered that a PHI data breach had taken place, affecting approximately 1,000 patients. Meritus Health was running “routine compliance and self-audit efforts” on May 4, 2015,...

UC Irvine Health Data Breach Affects 4,800 Patients

by Elizabeth Snell

UC Irvine Medical Center announced last week that an employee viewed thousands of patient records over a four-year period “without a job-related purpose,” potentially compromising the information of 4,859 patients and leading to a...

Unencrypted Flash Drives Missing from S.C. EMS Facility

by Elizabeth Snell

South Carolina EMS patients may have been the victims of a potential health data breach after unencrypted flash drives and hard drives used as back-up storage devices were discovered to be missing from a storage facility. Lancaster County employees...

PHI Exposed in Medical Informatics Engineering Data Breach

by Elizabeth Snell

Editor's note: This article was updated on July 24, 2015. Medical Informatics Engineering (MIE) announced last week that PHI was potentially exposed for patients of certain MIE clients. MIE became aware of suspicious activity on one...

PHI Data Breaches for NY, Texas Organizations

by Elizabeth Snell

PHI data breaches can impact both patients and the healthcare facility that experienced the breach. Patients may have to work to ensure that their personal information is not used maliciously, while covered entities or their business associates...

Potential PHI Data Breach at Calif. Youth Center

by Elizabeth Snell

There was a potential PHI data breach at a California-based youth center, with notifications being sent out to approximately 6,800 individuals. The Fred Finch Youth Center (FFYC) announced earlier this week that a break-in occurred at one of...

Improper Disposals Lead to Potential Health Data Breaches

by Elizabeth Snell

Preventing potential health data breaches requires healthcare organizations to have the necessary physical, technical and administrative safeguards in place. If one area is lacking, or is simply overlooked, it does not matter how strong the other...

Conn. Data Breach Security Bill Moves Forward

by Elizabeth Snell

Connecticut Governor Dannel Malloy is expected to sign a data breach security bill into law that would grant greater protections to consumers. Senate Bill 949, An Act Improving Data Security and Agency Effectiveness, was unanimously passed by...

UPMC Health Data Breach Lawsuit Dismissed

by Elizabeth Snell

A Pennsylvania judge dismissed the health data breach lawsuit that had been filed against the University of Pittsburgh Medical Center (UPMC) last year. Former UPMC employees filed the lawsuit after a data breach compromised the information of...

Did Failed Administrative Safeguards Cause Two Data Breaches?

by Elizabeth Snell

This site constantly underlines the importance of healthcare organizations keeping all of their safeguards up to date, as anything from failed administrative safeguards to failed physical safeguards can create privacy and security issues. Without...

Health Data Breaches Expose Info. in NH, NJ and NY

by Elizabeth Snell

Three recent different health data breaches affected individuals in New Hampshire, New Jersey, and New York. While not connected, these incidents further underline the importance for comprehensive security measures. Anything from human error...

Healthcare Data Breaches Have Highest Cost, Says Ponemon

by Elizabeth Snell

Healthcare data breaches average the highest cost per stolen record, with organizations reaching as high as $363, according to Ponemon’s annual Cost of Data Breach Study: Global Analysis, sponsored by IBM. For the US specifically,...

Medical Management Data Breach Impacting Multiple States

by Elizabeth Snell

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

North Dakota Data Breach Notification Law Amended

by Elizabeth Snell

Data breach notification laws continue to be implemented and amended across the country, as North Dakota becomes the latest state to clarify its regulations on privacy and security. North Dakota Governor Jack Dalrymple recently signed SB 2214...

CareFirst Health Data Breach Affects 1.1M Individuals

by Elizabeth Snell

CareFirst BlueCross BlueShield (CareFirst) joins the list of healthcare organizations affected by a large cybersecurity attack, as it announced yesterday that approximately 1.1 million current and former members potentially had their information...

Medical Info. Included in Nevada Data Breach Notification Law

by Elizabeth Snell

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

Accidental and Unauthorized Emails Create PHI Security Issues

by Elizabeth Snell

No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected individuals...

Possible Health Data Breaches From Theft, Unauthorized Access

by Elizabeth Snell

Even when covered entities implement sophisticated cybersecurity measures, health data breaches can still happen. It is important to not overlook seemingly simple security measures, such as installing proper locks on doors or even having an alarm...

What Happens When a Healthcare Cyber Policy is Broken?

by Elizabeth Snell

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Malware, Billing Company Theft Equal Health Data Breaches

by Elizabeth Snell

Health data breaches are not going to disappear anytime soon, which is why covered entities must ensure that their safeguards are current and comprehensive. Anything from malware to sophisticated cyber attacks to stolen laptops can lead to PHI...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks