Hartford Hospital and VNA HealthCare are the latest in a line of numerous healthcare providers that have fallen victim to a data breach. The hospital and its affiliated home healthcare organization recently announced that an unencrypted laptop computer containing personal information of some of their patients was stolen from the home of an employee of a company, Greenplum, which is a subsidiary of one of the hospital’s vendors, EMC Corp.
According to leaders at Hartford Hospital, Greenplum was performing data analysis for EMC on its behalf as part of a quality improvement aimed at reducing readmissions. The theft was immediately reported by the employee to the local police department, according to Hartford Hospital, which also says EMC began an investigation and informed them of the theft.
The hospital says the computer contained information on 7,461 VNA HealthCare patients and 2,097 Hartford Hospital patients. It included names, addresses, dates of birth, marital status, Social Security numbers, Medicaid and Medicare numbers, medical record numbers and certain diagnosis and treatment information. The information on the employee’s laptop was not encrypted.
Hartford Hospital says it is notifying affected patients, and offering two years of free credit monitoring. It has also established a call center for assistance, and has gotten EMC to destroy all Hartford Hospital and VNA Healthcare data in its possession.
This is just the latest in a string of health data breaches that have reportedly occurred across the country, in Chicago, Boston, Houston, and elsewhere
Officials from Carequality have stated that there are now more than 150,000 clinicians across 11,000 clinics and 500 hospitals live on its network. These participants are also able to share health data records with one another, regardless of technology vendor.
While stolen financial data still has a higher market value than stolen medical records, as financial data can be monetized faster, there are indications that there is ongoing development of a market for stolen medical data, according to an Intel Security McAfee Labs report.
A phishing scam at Baystate Health in Springfield, Mass. has potentially exposed the personal data of 13,000 patients, according to a privacy statement from the patient care organization and a report from MassLive.
In an update, DirectTrust reported significant growth in Direct exchange of health information and the number of trusted Direct addressed enabled to share personal health information (PHI) in the third quarter of 2016.
Eleven private insurers, including Aetna, Humana and Anthem, are urging the Congressional Budget Office (CBO) to consider the experience of commercial insurers when evaluating the impact of telemedicine coverage in Medicare.