According to an analysis by the Health Information Trust Alliance (HITRUST), regulated health care organizations that have reported health information breaches of 500 or more people could cumulatively spend upwards of $1 billion in related costs.
Since the Health Information Technology for Economic and Clinical Health Act or HITECH Act of 2009 came to being, a number of new privacy, security and reporting and non-compliance penalty provisions went into effect. And as summarized by this report from HITRSUT, there have been 108 entities who have reported security breaches since September of last year.
Those breaches comprise about 4 million people and records.
http://www.informationweek.com/blog/main/archives/2010/08/analysis_health.html
MIAOULIS NOTE: This articles points out an average of $204 per individual breach.
Sunday, August 29, 2010
Medical records stolen from Ky. hospital
LEXINGTON, Ky. -- Medical records for more than 2,000 people were stolen from the University of Kentucky hospital, prompting the facility to issue an alert for identity theft.
The Lexington Herald-Leader reports that the records were taken from the Department of Pediatrics Newborn Screening Program.
The university said it is notifying 2,027 people that a laptop containing patients' personal information was stolen between June 18 and June 21. That information included patient names, dates of birth, diagnoses, mothers' names and, in some cases, Social Security numbers of mothers in the Newborn Screening Program.
The stolen laptop had been stored in a locked private office. The theft was reported to the university police department.
http://www.kentucky.com/2010/08/22/1402709/medical-records-stolen-from-ky.html
The Lexington Herald-Leader reports that the records were taken from the Department of Pediatrics Newborn Screening Program.
The university said it is notifying 2,027 people that a laptop containing patients' personal information was stolen between June 18 and June 21. That information included patient names, dates of birth, diagnoses, mothers' names and, in some cases, Social Security numbers of mothers in the Newborn Screening Program.
The stolen laptop had been stored in a locked private office. The theft was reported to the university police department.
http://www.kentucky.com/2010/08/22/1402709/medical-records-stolen-from-ky.html
Wednesday, August 18, 2010
Laptop With Health Information Stolen from Yale Med School
The security of personal health information of up to 1,000 people could have been compromised when a laptop was stolen from Yale Medical School.
Attorney General Richard Blumenthal said his office is investigating to determine what caused the security breach and whether state or federal laws have been violated.
http://www.nbcconnecticut.com/news/local-beat/Laptop-With-Health-Information-Stolen-from-Yale-Med-School--101007259.html
Attorney General Richard Blumenthal said his office is investigating to determine what caused the security breach and whether state or federal laws have been violated.
http://www.nbcconnecticut.com/news/local-beat/Laptop-With-Health-Information-Stolen-from-Yale-Med-School--101007259.html
Sunday, August 15, 2010
Car thieves get personal data on Portland psychology patients
Car burglars in the past week have made off with personal records of 4,000 patients of a Portland psychologist and the names and Social Security numbers of 2,900 jobless Multnomah County residents.
Psychologist David Gostnell is alerting his patients after an unsecured laptop that contained personal information was stolen from his vehicle Saturday.
http://www.oregonlive.com/portland/index.ssf/2010/08/car_thieves_get_personal_data.html
Psychologist David Gostnell is alerting his patients after an unsecured laptop that contained personal information was stolen from his vehicle Saturday.
http://www.oregonlive.com/portland/index.ssf/2010/08/car_thieves_get_personal_data.html
Patients’ files left at public dump - 4 Hospitals
Four Massachusetts community hospitals are investigating how thousands of patient health records, some containing Social Security numbers and sensitive medical diagnoses, ended up in a pile at a public dump.
The unshredded records included pathology reports with patients’ names, addresses, and results of breast, bone, and skin cancer tests, as well as the results of lab work following miscarriages.
By law, medical records and documents containing personal identifying information must be disposed of in a way that protects privacy, and leaving them at a dump is probably illegal, privacy lawyers and hospital officials said. Violators face steep fines.
http://www.boston.com/news/health/articles/2010/08/13/mass_hospitals_investigate_exposure_of_records/
The unshredded records included pathology reports with patients’ names, addresses, and results of breast, bone, and skin cancer tests, as well as the results of lab work following miscarriages.
By law, medical records and documents containing personal identifying information must be disposed of in a way that protects privacy, and leaving them at a dump is probably illegal, privacy lawyers and hospital officials said. Violators face steep fines.
http://www.boston.com/news/health/articles/2010/08/13/mass_hospitals_investigate_exposure_of_records/
Sunday, August 8, 2010
Fort Worth medical clinic spends $15,000 notifying patients of theft
FORT WORTH -- In June, employees at a Fort Worth allergy clinic discovered that the office door had been kicked in and four computers containing patients' personal information including Social Security numbers and birth dates had been stolen.
This week Fort Worth Allergy and Asthma Associates spent $15,000 mailing letters notifying the clinic's 25,000 patients of the burglary. The stolen computer database also contained patient's addresses and diagnoses, Dr. Robert Rogers said.
http://www.star-telegram.com/2010/08/06/2389717/fort-worth-medical-clinic-spends.html
This week Fort Worth Allergy and Asthma Associates spent $15,000 mailing letters notifying the clinic's 25,000 patients of the burglary. The stolen computer database also contained patient's addresses and diagnoses, Dr. Robert Rogers said.
http://www.star-telegram.com/2010/08/06/2389717/fort-worth-medical-clinic-spends.html
Wednesday, August 4, 2010
Thumb Drive Lost or Stolen----
Camden police are continuing to investigating the disappearance of a computer-storage device with employee information from Cooper University Hospital. The flash drive, reported missing earlier this month, contained personal data on residents and fellows -- doctors in the final stages of medical training, Cooper spokeswoman Lori Shaffer said.
"No patient information or patient records are involved," she said.
It was not immediately known whether the storage device had been lost or stolen.
http://www.courierpostonline.com/article/20100728/NEWS01/100728075/Cops-seek-clues-in-missing-personal-data-from-Cooper
MIAOULIS NOTE: This is just another example that organizations need to focus on mobile media (laptops, thumbdrives, CDs, email, etc.) and encrypt, encrypt and encrypt...
"No patient information or patient records are involved," she said.
It was not immediately known whether the storage device had been lost or stolen.
http://www.courierpostonline.com/article/20100728/NEWS01/100728075/Cops-seek-clues-in-missing-personal-data-from-Cooper
MIAOULIS NOTE: This is just another example that organizations need to focus on mobile media (laptops, thumbdrives, CDs, email, etc.) and encrypt, encrypt and encrypt...
Subscribe to:
Posts (Atom)