More than a thousand patients treated at a variety of University of Pittsburgh Medical Center locations over the past year are being notified that their personal information was viewed inappropriately by a former employee.
A UW Medicine employee opened an email attachment and unknowingly downloaded malware, which led to the compromise of about 90,000 patients of Seattle-based Harborview Medical Center and University of Washington Medical Center.
Jay Radcliffe showed how his insulin pump was vulnerable to a remote takeover.
Florida Digestive Health Specialists LLP is notifying about 4,400 patients that a former employee improperly accessed their personal information and photographed the data.
More than 8,000 patients of University of California, San Francisco are receiving notification letters after a possibly unencrypted laptop that contained the personal information was stolen from a physician's vehicle.
Thousands of doctors at Anthem Blue Cross of California are being notified that their personal information was mistakenly posted online.
More than a thousand patients of a California hospital are being notified that their personal information may have been compromised.
Thousands of city workers in Milwaukee, as well as their spouses and domestic partners, had personal information compromised after a flash drive that contained the data was stolen.
More than 11,000 patients and some employees of Colorado-based kidney care company DaVita are being alerted after an unencrypted laptop containing their personal data was stolen from a staffer's vehicle.
The HealthCare Information Security and Privacy Practitioner (HCISPP) certification program was introduced on Monday.
The device records the wearer's body temperature and uploads the data to any Android device via Bluetooth.
Two former nurses' aides for Virginia-based nonprofit Sentara Healthcare have pleaded guilty to accessing thousands of electronic patient records and using the information to file fraudulent tax returns.
An employee of a staff physician at Boone Hospital Center in Missouri was fired after inappropriately accessing patient information on the hospital network.
The theft of two laptops has led to a compromise of personal information, including Social Security numbers, for more than 700k patients of California-based AHMC hospitals.
In a TV interview, Cheney revealed that the wireless feature of his defibrillator was disabled due to concerns of an assassination attempt.
A system settings error caused financial statements to be mailed to roughly 8,000 people who received care from a Wisconsin hospital, but an undisclosed number were sent to unauthorized persons.
An employee with North Carolina-based CaroMont Health sent out an insecure email containing personal information on more than 1,300 patients.
More than 3,500 patients of University of California San Francisco Medical Center may have had data compromised after a hospital laptop was stolen from an employee's vehicle.
Nearly two thousand patients may have personal information at risk after an unauthorized user accessed an electronic medical record system for Iowa-based UnityPoint Health.
Patients treated this year at St. Mary's Janesville Hospital in Wisconsin may have had personal data compromised when a health care laptop was stolen from the car of an employee.
Criminals leverage medical devices for targeted attacks, says Dale Nordenberg of the Medical Device Innovation, Safety and Security Consortium. Karen Epper Hoffman reports.
Patients of California-based Santa Clara Valley Medical Center had their medical data compromised when an unencrypted laptop was stolen from the audiology department.
Business associates of HIPAA-covered entities are now legally bound to follow the same guidelines when securing patients' protected health information.
A Kaiser Permanente employee sent out an email with an attachment that contained personal information on hundreds of patients.
The number of victims fooled by spurious emails or fake websites has doubled since last year, and experts say the scams are still under-reported.
Card information for thousands of Medical University of South Carolina patients may be at risk following a malicious attack on its third party card payment vendor.
A laptop and flash drive containing health information for thousands of patients of St. Anthony's Medical Center in St. Louis was stolen from a doctor's car.
The Federal Trade Commission alleges that the medical testing provider exposed the data of more than 9,000 consumers, putting them at risk of identity theft.
The specialized computer, which works in tandem with a health center medical machine, contained patient data and images.
A document containing personal information inadvertently was attached to an Alaska nonprofit's mass distributed email survey, which, among other questions, asks clients how they believe the entity handles their sensitive health care materials.
Thieves stole four unencrypted computers from an administrative building of Advocate Medical Group in Chicago.
A medical clinic worker was fired after stealing an external drive containing personal medical information on thousands of patients.
Emailing protected health information (PHI) to a personal email address cost one Rocky Mountain Spine Clinic employee her job last week.
A California-based medical group experienced a data breach when a laptop containing sensitive patient information was stolen.
Security researcher Jay Radcliffe dug deeper into the medical device's flaw after he experienced a dangerous mishap.
Health records for 2,000 Fairfax County public school students could be exposed after a laptop was stolen from a school nurse's vehicle.
More than 3,000 patients at an Oregon hospital were notified of their information being stored in an unauthorized cloud service.
San Jose Medical Supply Co. in California has filed a lawsuit against former employees for allegedly disclosing customer information to two competitors, which it also is suing.
Nearly 20,000 University of Virginia students were affected when Social Security numbers were mistakenly printed on mailing address labels.
The New York State Office of the Medicaid Inspector General (OMIG) suspects an employee of forwarding more than 17,000 records to personal email account.
A Long Beach Memorial Medical Center employee may be responsible for a data breach that is said to have impacted thousands of patients.
Health care organizations with multiple locations need systems in place to manage health information security systems, and it all starts with their firewalls.
More than a dozen patient records, including at least one celebrity, were accessed by employees at a Los Angeles hospital.
Stolen health insurance dossiers can earn their sellers more than a thousand dollars, a senior researcher at Dell SecureWorks reports.
Hundreds of thousands of patients potentially exposed after hospital records from Texas Health Harris Methodist Hospital Fort Worth turn up in Dallas park.
The Indianapolis-based health insurer must pay the Department of Health and Human Services $1.7 million to avoid heftier fines under HIPAA for its 137-day long breach ending in 2010.
The leaked information was from the Michigan Department of Community Health, which is notifying impacted individuals.
Information for more than 2,000 patients was lost when a Nebraska doctor's thumb drive went missing.
The personal information of former patients and employees at the Mental Health Institute in Independence, Iowa, as well as workers at other state facilities, may have been exposed after a backup computer tape went missing.
Patients of the Veterans Affairs hospital in Fayetteville, N.C., may have had their personal information exposed after more than 1,000 personal records were improperly disposed of.
The laptop was stolen from Monterey Park, Calif.-based SynerMed.
The incident impacted patients at the Center for Language, Speech and Hearing at the University of Massachusetts Amherst.
More than 1,000 patients were affected by the breach after a hospital employee, as part of a routine update, accidentally exposed the information.
The U.S. Department of Health and Human Services continues to ramp up its investigations of health care-related entities as a result of breaches.
The sensitive information, including names, addresses, and Social Security numbers, went missing from a third-party vendor's warehouse.
A routine email sent to Dent Neurologic Institute patients mistakenly included the sensitive data of others receiving treatment.
Other personal information, such as names, contact information and dates of birth, was also compromised.
The laptop was password protected, but not encrypted. The theft marks the second breach in just over a year that affected the university health care system.
The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.
Concerns over identity theft affecting senior citizens prompted the hearing.
The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.
Last week, hospital officials began notifying patients of the February theft.
The records were stored by storage provider working with Glens Falls Hospital in New York.
The psychologist was a private contractor for Washington's Department of Social and Health Services.
Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.
Officials at the University of Mississippi Medical Center posted an online notice, saying they had "insufficient contact information" to individually notify those potentially compromised.
Sen. Stuart Reid (R-Utah) began drafting the bill last year, following a massive breach in the state of nearly 800,000 Medicaid records.
Cbr Systems, a California registry that collects and stores umbilical cord blood and tissue, will face biennial audits for the next 20 years.
Earlier this month, an unencrypted laptop was stolen from the car of a physician at Lucile Packard Children's Hospital.
The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security rules undergo their biggest changes since the legislation was passed in 1996.
This time, an employee for a Medicaid contractor lost an unencrypted USB drive containing personal data.
Researchers have exploited critical vulnerabilities in two popular medical management platforms used in a host of services, including assisting surgeries and generating patient reports.
More than six months after the incident, affected individuals were notified of the breach at UNC Lineberger Comprehensive Cancer Center in Chapel Hill, N.C.
The personal information of patients at three health systems in Virginia, New Jersey and Michigan was exposed.
The Hospice of North Idaho will pay $50,000 to the U.S. Department of Health and Human Services following a breach that affected 441 patients -- an indication that the agency is not letting even small incidents slide.
A laptop, stolen from a hospital employee's home, could have included the sensitive data of nearly 30,000 patients.
The California Medical Assistance Program (Medi-Cal) accidentally posted online the sensitive information of several thousand individuals.
A recent survey from the Ponemon Institute and ID Experts found that breaches are costing the health care industry an average of $7 billion annually.
A laptop containing the unencrypted personal records of Alere Home Monitoring customers was stolen from an employees car.
Missing information includes ultrasound images, names, birth dates and Social Security numbers of patients who visited two health facilities.
The breach compromised the personal information of about 27,000 patients at Blount Memorial Hospital in Maryville, Tenn.
The provincial government of British Columbia has fired four employees and suspended three others after allegations that health data was shared inappropriately.
Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates have agreed to pay $1.5 million to settle potential HIPAA violations.
Police are investigating a data breach incident at the University of Miami Hospital, where two employees were fired for stealing patient data, and possibly selling the sensitive information.
The laptop of an employee of Indianapolis-based Cancer Care Group was stolen, exposing the information of patients and staff.
Stolen laptop at Apria Healthcare exposes patient data
The computer theft marks the second breach of patient data in a year at Stanford Hospital.
A USB drive with data on 14,300 patients of Oregon Health & Science University in Portland was stolen from the home of an employee on July 4 or 5.
The apps used on mobile devices connected to its network contained sensitive data, so a medical device manufacturer needed to ensure that access control and authorization policies were enforced.
An unencrypted laptop containing the personal data of roughly 10,000 medical patients was stolen from a hospital vendor employee's home.
A desktop computer storing personal health information was stolen from NYU Langone Medical Center.
Beth Israel Deaconess Medical Center (BIDMC) in Boston is warning thousands of patients that their personal health information was contained on a laptop that was stolen.
The personal medical data of nearly 13,000 students and staff at Canada's British Columbia Institute of Technology (BCIT) may have been exposed.
An unencrypted laptop containing patient data was stolen in late April from the home of a doctor working for The University of Texas M.D. Anderson Cancer Center.
Heightened HIPAA enforcement continues, with the U.S. Health and Human Services taking its first-ever action against a state agency after a breach prompted an investigation.
For more than six years, the personal and medical data of hundreds of patients of Memorial Sloan-Kettering Cancer Center (MSKCC) in New York was publicly available on the web.
An employee of the Boston Children's Hospital lost a laptop holding patient information.
An apologetic governor of Utah on Tuesday announced the resignation of the state's executive director of technology services, and the hiring of two others, following a massive breach affecting Medicaid claimants.
Health care traditionally, compared with other industries, has lagged in terms of cyber defense, but with attackers now specifically targeting these organizations for patient data, inaction is no longer an option.
Is health care a last frontier for today's cyber criminals?