Healthcare Information Security

HIPAA Administrative Safeguards

OCR Director Leon Rodriguez previews HIPAA audit strategies

by Patrick Ouellette

BOSTON - Beyond just discussing how today, Sept. 23, 2013, is a critical compliance day for the HIPAA Omnibus Rule, Director of the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) Leon Rodriguez, paved the...

NHC HealthCare Oak Ridge loses unencrypted backup tape

by Patrick Ouellette

NHC HealthCare of Oak Ridge, Tenn. announced a possible patient data breach after an unencrypted backup tape was lost. Though the number of patients is unknown, otentially compromised information included patient names, Social Security...

Loyola University Medical Center reports patient data breach

by Patrick Ouellette

A former Loyola University Medical Center nurse, Katrina R. Spears, was charged with felony identity theft on Sept. 8 after stealing a Loyola patient’s identity and heavily affecting her credit. Riverside, Illinois police, according...

Patient files Carol Milgard Breast Center privacy complaint

by Patrick Ouellette

A former Carol Milgard Breast Center patient, Martha Tsuru, has filed a privacy breach complaint with the Washington State Department of Health after the Tacoma, Wash. based healthcare facility mixed in her records with three other...

Kaiser Permanente notifies patients of email data breach

by Patrick Ouellette

Kaiser Permanente is alerting patients that it experienced a “human error” data breach on May 16 when an employee mistakenly emailed a spreadsheet associated with a Wellness Screening competition to a pilot planning team member who was...

Securing patient data at the file level to thwart hackers

by Moti Rafalin

Prior to a patient even seeing a physician during an appointment, they agree to share a great amount of personal information: health insurance IDs, Social Security numbers, addresses, medical histories and more. The doctors entrusted with...

ICS Collection Service alerts UCPG patients of data breach

by Patrick Ouellette

A University of Chicago Physicians Group (UCPG) collection agency, ICS Collection Service, sent out a press release this week to notify the media that 1, 344 UCPG patients’ protected health information (PHI) had been exposed on July...

Thieves steal laptop with PHI from California internist

by Patrick Ouellette

San Jose, Calif. internist Hankyu Chung, M.D. experienced a physical data breach in his building when two laptops, one unencrypted, were stolen through use of an unlocked door and crawl space. reports that one of the two...

Patients file class-action suit v. Advocate Medical Group

by Patrick Ouellette

Advocate Medical Group is facing more legal issues following its recent 4 million-patient breach that occurred on July 15. Advocate was already working with the state of Illinois and federal investigators regarding the second-largest...

Medical University of S.C. reports its largest data breach

by Patrick Ouellette

The Medical University of South Carolina (MUSC) sustained its largest breach ever between June 30 and Aug. 21 when a third-party credit card processing company compromised 7,000 patients’ data. The Summerville Journal Scene reports that...

Patient files privacy breach suit v. Torrance Memorial Medical Center

by Patrick Ouellette

A Torrance Memorial Medical Center patient is seeking damages against the organization for an alleged breach of patient privacy. Former Torrance employee Veronica Valdez filed a civil suit scheduled for January against Torrance because her...

St. Anthony’s nursing home reports 2,600-patient data breach

by Patrick Ouellette

St. Anthony’s nursing home suffered a 2,600-patient data breach on July 29 when a laptop computer and flash drive with protected health information (PHI) were stolen from a doctor’s car. According to, the laptop held...

Florida DOH finalizing drug database security proposal

by Patrick Ouellette

The Florida Department of Health (DOH) is in the process of coming up with more concrete details regarding how it plans on fixing the state’s online prescription database to alleviate fears that it will compromise patient data...

FTC files LabMD patient privacy complaint; LabMD responds

by Patrick Ouellette

As a result of LabMD, Inc. allegedly failing to reasonably protect the security of consumers’ personal data, including medical information, the Federal Trade Commission (FTC) filed a complaint this week. LabMD, a cancer detection...

CVS agrees to $250K data privacy resolution with Maryland AG

by Patrick Ouellette

CVS Pharmacy, Inc. and Maryland CVS Pharmacy, LLC reached a $250,000 agreement this week with Attorney General Douglas F. Gansler’s Consumer Protection Division because it didn’t do enough protect patient data in the eyes of the...

UT Physicians informs patients of data breach

by Patrick Ouellette

UT Physicians, The University of Texas Health Science Center at Houston (UTHealth) Medical School’s medical group practice, posted a notice on Wednesday notifying patients of an Aug. 2 data breach. The organization learned that an...

Valparaiso Fire Dept. alerts patients of ADP data breach

by Patrick Ouellette

About nine months after a Valparaiso, Ind. Fire Department ambulance data breach occurred, the Valparaiso billing company responsible for the breach, Advanced Data Processing (ADP), has sent out breach notification letters. Valparaiso...

Advocate Medical Group endures massive data breach

by Patrick Ouellette

Advocate Medical Group of Chicago is in the process of alerting more than 4 million patients of a July 15 data breach in which four unencrypted computers were stolen from a Park Ridge administrative building. This substantial breach is the...

CMS proposes 1-hour HIX data breach reporting period

by Patrick Ouellette

The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) requested emergency review in this week’s Federal Register of its proposed rule that state health insurance exchanges report data...

Alaska’s Hope Community Resources suffers data breach

by Patrick Ouellette

Hope Community Resources (HCR) of Alaska accidently exposed 3,700 disabled patients’ protected health information (PHI) in an email Monday night. The Alaska Department of Health and Social Services (DHSS) said it is investigating the...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...