Fla. — After a 10-month FBI investigation into a major security breach at Florida Hospital Celebration, WFTV learned agents have arrested a former hospital employee.
Dale Munroe is accused of accessing more than 700,000 patient records in two years and then selling them.
He worked in the emergency intake area, but investigators said he accessed patient records from several different hospitals across the state.
http://www.wftv.com/news/news/local/former-employee-arrested-after-fbi-investigation-h/nRD34/
Wednesday, August 22, 2012
Stolen laptop leads to health data breach at Apria Healthcare
According to a company press release, the theft occurred on June 14, 2012, in Phoenix, Arizona; however, its ramifications could extend to California, New Mexico, and Nevada because of the laptop’s use in billing services. A report in the Arizona Daily Star has noted that 4,178 of the approximate 11,000 patients affected reside in Arizona. The California-based company immediately notified local law enforcement and began its own internal investigations, which revealed that PHI included Social Security numbers and names. Potentially, it also comprises dates of birth and other personal information.
http://ehrintelligence.com/2012/08/14/stolen-laptop-leads-to-health-data-breach-at-apria-healthcare/
http://ehrintelligence.com/2012/08/14/stolen-laptop-leads-to-health-data-breach-at-apria-healthcare/
Tuesday, August 21, 2012
Cancer Center Reports 2nd Data Breach
The University of Texas MD Anderson Cancer Center has reported its second data breach since April involving an unencrypted mobile device.
The latest incident, which occurred in July, affected about 2,220 patients and involved a USB thumb drive. An April laptop incident affected 30,000 individuals.
In the latest breach, the Houston-based cancer center says a thumb drive containing patient data and research information was lost on one of its shuttle buses on July 13. After learning of the incident on July 14, the cancer center says it launched a search for the missing device and conducted a thorough investigation, but it did not locate the missing drive, according to a statement on its website. http://www.healthcareinfosecurity.com/cancer-center-reports-2nd-data-breach-a-5048?goback=%2Egde_2729867_member_149604827
The latest incident, which occurred in July, affected about 2,220 patients and involved a USB thumb drive. An April laptop incident affected 30,000 individuals.
In the latest breach, the Houston-based cancer center says a thumb drive containing patient data and research information was lost on one of its shuttle buses on July 13. After learning of the incident on July 14, the cancer center says it launched a search for the missing device and conducted a thorough investigation, but it did not locate the missing drive, according to a statement on its website. http://www.healthcareinfosecurity.com/cancer-center-reports-2nd-data-breach-a-5048?goback=%2Egde_2729867_member_149604827
Monday, August 13, 2012
Patient Files Held for Ransom
As more patient records go digital, a recent hacker attack on a small medical practice shows the big risks involved with electronic files.
The Surgeons of Lake County, a medical facility in the northern Illinois suburb of Libertyville, revealed last month that hackers had burrowed deeply into its computer network, infiltrating a server where e-mails and electronic medical records were stored, Bloomberg.com reported on its Tech Blog.
Unlike many other data breaches, the hackers made no attempt to keep their presence a secret. In fact, they all but fired a flare to announce the break-in, taking the extreme step of encrypting their illicit haul and posting a digital ransom note demanding payment for the password.
http://www.businessweek.com/news/2012-08-10/hackers-encrypt-health-records-and-hold-data-for-ransom?goback=%2Egde_2729867_member_145623159
NOTE: This is a twist, but certainly shows that we need to protect our information.
The Surgeons of Lake County, a medical facility in the northern Illinois suburb of Libertyville, revealed last month that hackers had burrowed deeply into its computer network, infiltrating a server where e-mails and electronic medical records were stored, Bloomberg.com reported on its Tech Blog.
Unlike many other data breaches, the hackers made no attempt to keep their presence a secret. In fact, they all but fired a flare to announce the break-in, taking the extreme step of encrypting their illicit haul and posting a digital ransom note demanding payment for the password.
http://www.businessweek.com/news/2012-08-10/hackers-encrypt-health-records-and-hold-data-for-ransom?goback=%2Egde_2729867_member_145623159
NOTE: This is a twist, but certainly shows that we need to protect our information.
Friday, August 10, 2012
Burglary Leads to 2 Hospital Data Breaches
Two more hospitals have been hit with a data breach, and both were caused by burglary. Officials at the Portland-based Oregon Health & Science University Hospital (OHSU) announced that a USB drive containing data for more than 14,000 patients, 200 employee and specific patient information for 702 pediatric patients was stolen from the house of an employee recently.
http://www.healthcare-informatics.com/news-item/data-breach-hits-oregon-stanford-hospitals.
In addition, there was also a recent data breach at the Stanford Medical School. Hospital officials recently announced laptop containing information of 2,500 patients was stolen from a doctor’s office on July 15. The officials, who are notifying patients by letter, say based on tracking information installed within the software, they do not believe any information has been accessed.
http://www.healthcare-informatics.com/news-item/data-breach-hits-oregon-stanford-hospitals.
In addition, there was also a recent data breach at the Stanford Medical School. Hospital officials recently announced laptop containing information of 2,500 patients was stolen from a doctor’s office on July 15. The officials, who are notifying patients by letter, say based on tracking information installed within the software, they do not believe any information has been accessed.
Friday, August 3, 2012
Conn. AG has questions about hospital security breach
HARTFORD, Conn. (Legal Newsline) - Connecticut Attorney General George Jepsen has requested information from Hartford Hospital about why the unencrypted personal health information of approximately 9,000 patients was located on a laptop stolen from a third-party vendor.
Jepsen sent a letter to the hospital on July 16, which was also the day he was notified about the breach discovered by the hospital in late June. The letter outlined the scope of the request ranging from how the breach occurred to the steps that have been taken by the hospital and its vendors to safely guard such sensitive information.
http://www.legalnewsline.com/news/236901-conn.-ag-has-questions-about-hospital-security-breach
Jepsen sent a letter to the hospital on July 16, which was also the day he was notified about the breach discovered by the hospital in late June. The letter outlined the scope of the request ranging from how the breach occurred to the steps that have been taken by the hospital and its vendors to safely guard such sensitive information.
http://www.legalnewsline.com/news/236901-conn.-ag-has-questions-about-hospital-security-breach
Thursday, August 2, 2012
Hartford Breach Affecting 9,558 Includes
MidState Medical Center has begun sending letters to 93,500 patients whose personal information may have been compromised following the accidental loss of a computer hard drive, the hospital said in a letter to employees Tuesday.
Meantime, the offices of the Connecticut attorney general and the Department of Consumer Protection are demanding more details about what happened and what data may have been compromised.
The misplaced hard drive, which has not yet been recovered, contains patient's names, addresses, birthdates, social security numbers and medical record numbers, hospital spokeswoman Pamela Cretella said.
Subscribe to:
Posts (Atom)