Skip to content Skip to navigation

Hospice Breach Affects More Than 5,000 Patients

April 8, 2013
by Rajiv Leventhal
| Reprints

Hospice of Alamance Caswell and LifePath Home Health have notified approximately 5,370 current and past patients, or their next of kin, about a breach of unsecured personal patient protected health information after an incident occurred at their office.

On Feb. 24, there was a break-in at their main office building in Burlington, N.C., officials said. During the break-in, three laptops were stolen that are used in connection with the provision of care to patients in their own homes. Although the patient database stored on the laptops was fully encrypted to conform to industry standards, the laptops also contained unencrypted e-mails that contained limited patient health information about a small percentage of patients. The laptops have not been recovered at this time.

According to officials, the perpetrators also had access to rooms that contain paper medical and billing records. The police investigation did not reveal any evidence that any record was touched or viewed, and no records were taken. These paper medical records contained personal information, including name, address, phone number, date of birth, Medicare or other health insurance number, prescribed medications, and full or partial Social Security numbers.

Although it does not appear that the files were viewed, Hospice has said there is no way of knowing whether the files were actually viewed. As of this date Hospice has not received any indication that the information has been accessed or used by an unauthorized individual.

“Hospice of Alamance Caswell understands the importance of safeguarding our patients’ personal information and takes that responsibility very seriously,” Peter Barcus, executive director, said in a statement. “We will do all we can to work with our patients or their loved ones whose personal information may have been compromised and help them work through the process. We sincerely regret that this incident has occurred, and we are committed to prevent future such occurrences. We appreciate our patients’ and families’ support during this time.”

Topics

News

Truven Health Analytics Identifies 15 Top Health Systems Based on Clinical, Administrative Performance

April 28, 2016
A study by Truven Health Analytics found that the top-performing multi-hospital health systems in the U.S. achieved higher survival rates and fewer errors at a lower overall treatment cost.

Report: Privilege Misuse and End User Errors Leading Threats to Healthcare Security

April 28, 2016
End users are often the weakest link in an organization’s cyber defense as cyber criminals exploit human nature to execute attack patterns such as phishing, according to Verizon Enterprise’s 2016 Data Breach Investigations Report.

Survey: Execs Optimistic on Future of Health IT

April 27, 2016
Healthcare executives support electronic health records (EHRs) and a move to even wider communication amongst technology systems in the future, according to a new survey from financial services firm CIT Group and Harris Poll.

House Introduces HHS Data Protection Act of 2016

April 27, 2016
Two House Energy and Commerce Committee members have introduced a bill that would reform the Department of Health and Human Services (HHS) to designate the HHS Chief Information Security Officer (CISO) as the primary authority on all matters of information security at the agency.

Practice Fusion Joins Federal Interoperability Pledge

April 26, 2016
Practice Fusion, the cloud-based electronic health record (EHR) vendor from San Francisco, has become the latest technology company to sign the interoperability pledge introduced by the Department of Health and Human Services (HHS) at HIMSS16 in Las Vegas earlier this year.

Hospital Safety Scores Report Indicates Avoidable Deaths Remain High

April 26, 2016
There is a 50 percent higher risk of avoidable death at a hospital that received a Hospital Safety Score of D or F compared to hospitals that have received A grades, according to the Leapfrog Group's newly updated hospital safety scores.

AHA Brief: Coverage for Telehealth Services Not Keeping Pace with Care Delivery Innovations

April 26, 2016
There is a growing body of evidence that telehealth can not only expand access to services but also create cost savings, yet limited coverage impedes the expansion of telehealth services, the American Hospital Association wrote in a recent brief on telemedicine.

Geisinger’s MyCode Genomic Study Hits Milestone of 100K Participants

April 26, 2016
Geisinger Health System, based in Danville, Pa., announced this week that it has signed up 100,000 recruits for its major biobank and DNA sequencing study known as the MyCode Community Health Initiative.

Survey: Docs Frustrated with Manual Prior Authorization Processes

April 26, 2016
A survey of more than 300 physicians, clinical and administrative staff, and electronic health record (EHR) vendors conducted by Surescripts, the Arlington, Va.-based operator of a national clinical electronic network, revealed that providers are growing frustrated with manual processes around prior authorization.

UMMC Plans to Open School of Population Health in 2017

April 25, 2016
The University of Mississippi Medical Center has announced plans to open a new School of Population Health focused on preventive medicine, data science and population health science. The new school is slated to open in 2017.

Maine Governor Signs Mandatory E-Prescribing Bill into Law

April 25, 2016
Just one month after a law in New York state went into effect mandating the electronic prescribing of all controlled and non-scheduled drugs, Maine Gov. Paul R. LePage signed into a law a bill that requires the electronic prescribing of controlled substances for opioids in his state.

Orthopedic Clinic Pays $750K HIPAA Settlement For Disclosing PHI Without a Business Associate Agreement

April 22, 2016
Raleigh Orthopaedic Clinic of North Carolina agreed this week to pay $750,000 to settle charges that it allegedly violated privacy rules by providing patients’ protected health information (PHI) to a business partner without first executing a business associate agreement.

U.S. Coast Guard Terminated Contract with Epic for EHR Implementation

April 22, 2016
The U.S. Coast Guard terminated its contract with Epic to implement an electronic health record (EHR) system, which expanded into an Integrated Health Information System (IHiS), citing concerns about cost and technical complexity, a USCG representative confirmed.

New York Presbyterian Hospital to Pay $2.2 Million for Disclosure of Patients’ PHI

April 22, 2016
The Department of Health and Human Services (HHS), Office for Civil Rights (OCR) this week announced it had reached a $2.2 million settlement with New York Presbyterian Hospital (NYP) related to the unauthorized filming of two patients for an episode of “NY Med.”

Intermountain, Stanford Partner on Clinical Genomics Initiative

April 22, 2016
Intermountain Healthcare and the Stanford Genome Technology Center (SGTC) have established a new collaborative research program with the aim of producing scientific advances in precision health and medicine.

Pages