Skip to content Skip to navigation

Hospice Breach Affects More Than 5,000 Patients

April 8, 2013
by Rajiv Leventhal
| Reprints

Hospice of Alamance Caswell and LifePath Home Health have notified approximately 5,370 current and past patients, or their next of kin, about a breach of unsecured personal patient protected health information after an incident occurred at their office.

On Feb. 24, there was a break-in at their main office building in Burlington, N.C., officials said. During the break-in, three laptops were stolen that are used in connection with the provision of care to patients in their own homes. Although the patient database stored on the laptops was fully encrypted to conform to industry standards, the laptops also contained unencrypted e-mails that contained limited patient health information about a small percentage of patients. The laptops have not been recovered at this time.

According to officials, the perpetrators also had access to rooms that contain paper medical and billing records. The police investigation did not reveal any evidence that any record was touched or viewed, and no records were taken. These paper medical records contained personal information, including name, address, phone number, date of birth, Medicare or other health insurance number, prescribed medications, and full or partial Social Security numbers.

Although it does not appear that the files were viewed, Hospice has said there is no way of knowing whether the files were actually viewed. As of this date Hospice has not received any indication that the information has been accessed or used by an unauthorized individual.

“Hospice of Alamance Caswell understands the importance of safeguarding our patients’ personal information and takes that responsibility very seriously,” Peter Barcus, executive director, said in a statement. “We will do all we can to work with our patients or their loved ones whose personal information may have been compromised and help them work through the process. We sincerely regret that this incident has occurred, and we are committed to prevent future such occurrences. We appreciate our patients’ and families’ support during this time.”

Topics

News

IBM Security: Healthcare Cyber Attacks Prevalent, but Less Records Breached in ’16

A new report from IBM Security found that healthcare—not too long ago the most attacked industry by cyber criminals—fell out of the top five of most breached industries.

FBI Notification: Cyber Criminals Targeting FTP Servers to Compromise PHI

The Federal Bureau of Investigation issued a warning that cyber criminals are actively targeting File Transfer Protocol (FTP) servers operating in “anonymous” mode and associated with medical and dental facilities to access protected health information (PHI).

Texas HIE Approved as CMS Qualified Registry

Healthcare Access San Antonio (HASA), a health information exchange (HIE) organization in San Antonio and surrounding Texas counties, has received clearance from the Centers for Medicare & Medicaid Services (CMS) to become a qualified registry.

Media Report: Evolent Health Exploring Merger with Advisory Board

Evolent Health, an Arlington, Va.-based healthcare technology provider, is exploring a potential combination with The Advisory Board, a Washington, D.C.-based healthcare consulting firm, according to a report from Reuters published on Friday.

Urology Austin Falls Victim to Ransomware Attack, Alerts 200K Patients

The Texas-based Urology Austin has acknowledged that it fell victim to a ransomware attack in January, and has since notified some 200,000 patients that their information might have been breached.

University of Maryland Medical System Earns HIMSS Stage 6 Recognition

The University of Maryland Medical System (UMMS), based in Baltimore, has achieved Stage 6 on HIMSS Analytics’ Electronic Medical Record Adoption Model (EMRAM) for the ambulatory environment.