September 12, 2012
news
The Office for the National Coordinator of Health IT (ONC)’s Office of the Chief Privacy Officer (OCPO) has released a Web-based security training module, called, CyberSecure: Your Medical Practice. The security training module, which was developed with the assistance of the Regional Extension Center Program's Privacy and Security Community of Practice, uses a game format.
September 11, 2012
news
Officials at the University of Miami Hospital, a 525-bed general medical and surgical facility, say the data for an unnamed amount of patients has been breached. The hospital says this happened when two employees accessed patient information from registration “face sheets,” and reportedly sold that information to a third-party.
August 22, 2012
news
According to a news report from WFTV in Osceola County, Fla., an employee at Florida Hospital Celebration Health, a 112-bed acute care facility, has been arrested by local authorities, after he allegedly accessed more than 760,000 patient records from 2009-11, and sold them. The report from WFTV says the accused former employee, 35-year-old Dale Munroe, worked as a registration representative in the emergency department, as was able to access records throughout the hospital via a computer system.
August 21, 2012 David Raths
article
Can an organizational restructuring have a big impact on data breach containment? Meredith Phillips, chief privacy officer of four-hospital Henry Ford Health System (HFHS) in Michigan, says yes.
August 20, 2012
news
For the second time in a year, the University of Texas MD Anderson Cancer Center (MD Anderson) is faced with a data breach. After a computer containing patient and research information was stolen from a physician's home was stolen in April, an unencrypted portable hard drive (a USB thumb drive) was lost by a trainee on an employee shuttle bus, the Cancer Center reported.
August 7, 2012
news
Two more hospitals have been hit with a data breach, and both were caused by burglary. Officials at the Portland-based Oregon Health & Science University Hospital (OHSU) announced that a USB drive containing data for more than 14,000 patients, 200 employee and specific patient information for 702 pediatric patients was stolen from the house of an employee recently.
August 1, 2012
news
Hartford Hospital and VNA HealthCare are the latest in a line of numerous healthcare providers that have fallen victim to a data breach. The hospital and its affiliated home healthcare organization recently announced that an unencrypted laptop computer containing personal information of some of their patients was stolen from the home of an employee of a company, Greenplum, which is a subsidiary of one of the hospital’s vendors, EMC Corp.
July 27, 2012
news
Northwestern Memorial Hospital’s Home Hospice offices were burglarized and six laptop and tablet computer devices were stolen, the Chicago-based hospital reported. According to Northwestern Memorial, it is doing an “internal investigation” to determine if any health information was compromised.
July 26, 2012
news
The Obama administration has announced the launch of a public-private partnership aimed at fighting fraud in healthcare. The collaboration is between the federal government, State officials, and various health insurance organizations, as well as other anti-fraud groups in healthcare.
July 24, 2012
news
The Health Information Trust Alliance (HITRUST) has launched the HITRUST Cyber Threat Analysis Service (C-TAS), described as a collaborative platform for cyber defense specific to the healthcare industry, a new component of the HITRUST Cybersecurity Incident Response and Coordination Center. HITRUST says its participants include health systems, health plans, pharmacy benefit managers, pharmacies and pharmaceutical manufacturers, and government organizations such as the Department of Health and Human Services and the Department of Veterans Affairs.
July 23, 2012
news
Executives at the Beth Israel Deaconess Medical Center (BIDMC) are in the process of notifying approximately 3,900 patients of a potential data breach of protected health information (PHI) due to a stolen physician personal laptop computer. According to BIDMC, the computer was stolen outside the physician’s office in May, and even though it contained a tracking device, it has not been recovered nor has the tracking device been activated.
