Healthcare Information Security

HIPAA Administrative Safeguards

Calif. AG releases breach notification letter from 1999 incident

by Nicole Freeman

The California Attorney General’s Office released yesterday a copy of a data breach notification letter sent by California physician Kathleen E. Whisman to patients after the San Ramon, Calif. Police Department alerted her on April 11,...

Over 1,000 notified of missing thumb drive, patient data

by Nicole Freeman

On Monday, Redwood Memorial Hospital of Fortuna, California mailed letters to 1,039 patients informing them of a missing thumb drive from the Cardiopulmonary Service Department that may have been storing protected health information (PHI),...

Eastside Medical Center loses paper patient records

by Patrick Ouellette

Officials at Eastside Medical Center of Snellville, Ga. have confirmed that thousands of pages of paper patient records meant to be shredded by a vendor were lost and spread on a public road. According to, patients’ names,...

Stormont-Vail HealthCare sends medical records to wrong patient

by Nicole Freeman

In an unusual set of circumstances, patient Lori Stein has reported a patient data breach at Stormont-Vail HealthCare System of Topeka, KS not involving data of her own. Stein went to an endocrinologist at Cotton-O’Neil Diabetes and...

Former Owensboro medical employee indicted for data breach

by Patrick Ouellette

As a result of former Owensboro Medical Health System (of Kentucky) employee Ilene W. Bullington selling patient information from February 2010 and August 2012, she was indicted by a federal grand jury last Wednesday. Bullington was...

Froedtert Health, Dynacare investigate patient data breach

by Patrick Ouellette

Froedtert Health’s Workforce Health, a healthcare organization, and contractor Dynacare, a clinical laboratory services company, are working toward resolving a recent data breach involving Milwaukee city employees. Dynacare recently...

Pa. internist sues medical billing company for data breach

by Patrick Ouellette

Following this week’s trend of data breach news surfacing from incidents that occurred years ago, a CBS Local report came out that Dr. Bhola N. Roy, MD, an internist in Bridgeville, Pa., is suing Medical Services Associates (MSA)...

The healthcare USB storage device security conundrum

by A.N. Ananth

The storage capacity and portability of universal serial bus (USB) devices has made them efficient and useful tools for the modern enterprise. Storage devices such as USB sticks, pens or thumb drives are popular ways to store large data...

NC DHHS notifies patients of multi-year breach

by Nicole Freeman

The North Carolina Department of Health and Human Services (DHHS) recently revealed that it had unintentionally been publishing private patient information for over 1,300 people on NC Openbook, a public website.  The information,...

Rotech Healthcare reports three-year-old patient data breach

by Patrick Ouellette

Three years after the original data breach occurred, Rotech Healthcare, Inc. sent a breach notification letter to the New Hampshire Attorney General’s Office. Back on November 26, 2010, an employee who left the organization took internal...

DaVita tells 11,500 patients, employees of laptop theft

by Patrick Ouellette

Laptop theft continues to be a major source of healthcare data breaches, as DaVita, a Colorado-based kidney care company, is alerting 11,500 patients and some employees of a breach, according to a notice on the Davita website. An...

Peeling away the layers of health data breach response

by Dom Nicastro

Health data breach response has many facets. This much, healthcare security professionals know. But properly responding to a breach starts even before breach response actually begins, said Rebecca Herold, CIPM, CISSP and CEO of The Privacy...

Phoenix Medical Group employee charged in tax fraud scheme

by Nicole Freeman

A Florida man pleaded guilty last Friday to stealing personally identifiable information (PII) while employed at Phoenix Medical Group in Mount Laurel, N.J.. Berness Swan, 44, of Spring Hill, Florida, used the information as part of...

University Hospitals notifies 7,100 patients of data breach

by Nicole Freeman

University Hospitals (UH) of Cleveland, Ohio was informed of an alleged hard drive theft on August 8 after a third-party vendor performed updates on the UH computer system. Since the hard drive’s disappearance, the not-for-profit medical...

Samaritan Health Services fined for July data breach

by Patrick Ouellette

Following a July 2013 patient data breach at Samaritan Health Services of Corvallis, Ore., the Oregon Department of Consumer and Business Services announced that Samaritan will be fined $1,000. The $1,000 fine, according to...

Florida DOH investigating patient identity fraud scheme

by Patrick Ouellette

The Florida Department of Health in Orange County (DOH-Orange) is still gathering information regarding a long-term internal data breach in some of its Orange County health centers. The DOH learned from federal investigators that two...

Children’s Healthcare of Atlanta suffers internal data breach

by Patrick Ouellette

After former Children’s Healthcare of Atlanta employee Sharon McCray stole both sensitive patient and organizational data, it fired her and filed a lawsuit against McCray on October 22. A Northern Georgia district court granted...

Managing a health data breach with a response plan

by Patrick Ouellette

Some organizations say they’re going to improve security after an incident. David Dover, Privacy and Security Officer at Alere Inc., can attest that his organization did make the effort to augment their security approach following...

Allina Health System reports internal EHR data breach

by Patrick Ouellette

Allina Health System learned of an internal data breach on September 18 in which an Inver Grove Heights medical assistant inappropriately viewed 3,800 patients EHRs from February 2010 to September 2013. The Pioneer Press reports that while...

VA Bakersfield clinic closes 2011 data breach investigation

by Patrick Ouellette

Following a two-year investigation, the Bakersfield, Calif. Veterans Affairs (VA) clinic was finally able to close the books on allegations of an internal patient data breach last week. Two former clinical staffers had claimed that a...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...