Healthcare Information Security

PHI Data Breaches

Former UPMC Worker Indicted for HIPAA Violations

July 2, 2018 - Linda Sue Kalina, a former patient information coordinator at University of Pittsburgh Medical Center (UPMC), was indicted by a federal grand jury in Pittsburgh for HIPAA violations. The Butler County resident was charged on six counts of wrongfully obtaining and disclosing PHI of another person, the Department of Justice (DoJ) announced June 29. Kalina was employed as a patient information...


More Articles

PHI Data Security at Risk in Medtronic’s N’Vision Programmer

by Fred Donovan

Medtronic’s N’Vision clinical programmer does not encrypt protected health information (PHI) or personally identifying information (PII) stored on the machine, putting PHI data security at risk to an attacker with physical access...

Public Server Exposure Creates PHI Data Security Worries for 200K

by Fred Donovan

Unsecured files on a public FTP server maintained by Arkansas-based practice management software provider MedEvolve may have caused a PHI data security breach for more 200,000 patients, reported DataBreaches.net. Most of the patient files on...

OCR To Share HIPAA Data Breach Settlements With Victims

by Fred Donovan

OCR is proposing to share a percentage of HIPAA data breach settlements with victims, as required by the HITECH law. In the HHS semiannual regulatory agenda, OCR said it is soliciting the public’s view on establishing a methodology for...

Reported Malware Creates PHI Data Security Concern for 12K in FL

by Fred Donovan

Malware that infected a number of Florida Hospital websites may have created a PHI data security issue, the Orlando Sentinel reported May 2. Patient information that could have been exposed includes patient names, email addresses, phone numbers,...

Texas Health Says 3,808 Affected by Healthcare Data Breach

by Fred Donovan

Texas Health Physicians Group recently disclosed that an unauthorized third party had gained access to some of its email accounts, resulting in a healthcare data breach that affected close to 4,000 patients. The information that was accessed...

Blue Shield of California Reports PHI Data Breach

by Fred Donovan

Blue Shield of California admitted to a PHI data breach involving an insurance broker who was not authorized to receive patient information, according to a breach notification submitted to the California Attorney General’s Office. ...

Federal Lawsuit Filed Following Alleged CVS Health Data Breach

by Elizabeth Snell

Three plaintiffs filed a federal lawsuit on March 21, 2018, claiming that a CVS Health data breach exposed the PHI of over 6,000 individuals, including revealing the HIV status of the individuals.  CVS Health, Caremark LLC (a subsidiary...

Healthcare Data Breach Leads to Identity Theft Guilty Plea

by Elizabeth Snell

Robert Ashley Bond of Thackerville, Oklahoma recently pled guilty to charges over his alleged involvement in a 2017 healthcare data breach.  The United States Attorney’s Office for the Eastern District of Oklahoma announced that...

SAMBA Mailing Error Creates Data Security Concern for 13.9K

by Elizabeth Snell

A programming error that occurred during the preparation process for mailing out certain IRS tax forms may have led to documents being sent to the wrong recipients, creating a data security concern for some individuals, according to SAMBA Federal...

Proper Paper Records Disposal Necessary for PHI Data Security

by Elizabeth Snell

Even as healthcare providers are increasingly implementing EHRs and patient data is being transferred to electronic form, organizations cannot overlook PHI data security measures with their paper records. Researchers at Toronto's St. Michael's...

Primary Health Care PHI Data Security Incident Affects 10K

by Elizabeth Snell

Unauthorized access to employee email accounts may have led to a PHI data security incident at Primary Health Care Inc. (PHC), according to an organization statement. PHC discovered the access to four employee accounts and the related Google...

Banner Health Data Breach Part of OCR Investigation

by Elizabeth Snell

The 2016 Banner Health data breach is reportedly being investigated by OCR, although it is currently not possible to estimate the range of potential fines from the agency, according to consolidated financial statements. An Ernst & Young year-end...

Potential PHI Exposure at BJC HealthCare Impacts 33K

by Elizabeth Snell

An internal security scan revealed that there was a data server configuration error, allowing potential PHI exposure at BJC HealthCare. The Missouri-based organization revealed in an online statement that 33,420 patients may have had their information...

What the CareFirst Data Breach Decision Means for Healthcare

by Elizabeth Snell

In February 2018, the US Supreme Court denied certiorari in the CareFirst data breach case. CareFirst had requested the Court review the class action lawsuit against it that came from two separate incidents. The first occurred in June 2014, followed...

134K Possibly Affected in St. Peter’s Server Data Breach

by Elizabeth Snell

An unauthorized third party gained access to St. Peter’s Surgery & Endoscopy Center (the Center) servers on January 8, 2018, according to an online statement. The potential data breach was discovered on the same day of the infiltration,...

Reported Kansas PHI Data Breach Could Involve Info of 11K

by Elizabeth Snell

An unauthorized email from a Kansas Department for Aging and Disability Services (KDADS) employee was sent to a group of business associates, which created a possible PHI data breach, according to a KDADS online statement. KDADS became aware...

58% of Healthcare PHI Data Breaches Caused by Insiders

by Elizabeth Snell

Reducing paper-based PHI and establishing a holistic risk management program are critical ways organizations can work toward healthcare PHI data breach prevention, according to Verizon research. Healthcare is the only industry where insider threats...

70K Notified in Tufts Health Plan Data Breach in Vendor Error

by Elizabeth Snell

A vendor that handles the mailing of member identification (ID) cards reportedly sent out envelopes with patient information visible in the mailing window, which created a Tufts Health Plan data breach. Tufts Medicare Preferred ID cards were...

Healthcare Ransomware Attack Affects 6.5K at AL Practice

by Elizabeth Snell

A healthcare ransomware attack allowed an unknown hacker to gain access to EMR software containing patient medical records, Jemison Internal Medicine, PC (JIM) announced on its website. The Alabama-based practice said the virus encrypted its...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks