Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

About 18K doctors may have had Social Security numbers exposed

About 18,000 doctors had Social Security numbers included in rosters provided to the Department of Managed Health Care by Blue Cross of California.

St. Vincent Breast Center mails 63K letters to wrong people

St. Vincent Breast Center mailed more than 63,000 letters containing personal information to the wrong people due to a clerical error.

Most health care vendors earn 'D' in data protection, study finds

Most health care vendors earn 'D' in data protection, study finds

A security intelligence report analyzed 150 health care vendors, both small and large.

Salina Family Healthcare Center email gaffe impacts about 10K patients

A Salina Family Healthcare Center employee inadvertently left patient information in a database that was submitted to the National Commission for Quality Assurance.

Laptop stolen from Calif. hospital stored data on more than 500 patients

Riverside County Regional Medical Center has notified 563 patients that their data was on a laptop stolen from a hospital procedure room.

Employee accesses nearly 100K patient files in NRAD Medical Associates breach

A former employee radiologist accessed and acquired data on as many as 97,000 current and former patients of NRAD Medical Associates.

San Diego hospital breach investigation reveals second incident, both human error

An investigation into a Rady Children's Hospital breach involving more than 14,000 patients revealed a separate incident involving more than 6,000 patients.

Penn State Hershey employee takes data home, puts 1,801 patients at risk

A clinical laboratory technician took patient data home, outside the secured Penn State Hershey Medical Center system.

HIPAA shake: Health care

HIPAA shake: Health care

Adherence to HIPAA, the national law that aims to protect patient information, is about to get trickier, reports Alan Earls.

Former employee accessed Bay Park Hospital patient data for a year

An employee of Bay Park Hospital in Ohio accessed information on about 600 patients over the course of a year.

Four computers containing patient data stolen in New Hampshire

More than 1,200 patients of Elliot Hospital in New Hampshire are being notified that their personal information was on four computers that were stolen from an employee's vehicle.

Unencrypted USB drive stolen, 3,000 Humana members in Atlanta impacted

In Georgia, an encrypted laptop and unencrypted USB drive containing information on nearly 3,000 members of health care provider Humana were stolen from an associate's vehicle.

Keylogger malware found on three UC Irvine health center computers

Student and non-student data may have been compromised after keylogger malware was discovered on three computers in the University of California, Irvine, Student Health Center.

Columbia University, NY hospital to pay $4.8 million HIPAA fine

Columbia University, NY hospital to pay $4.8 million HIPAA fine

The agreement marks the largest HIPAA settlement to date.

SSNs on postcards sent to 5,000 former Molina Healthcare members

Social Security numbers may have been printed on postcards sent to more than 5,000 former members of New Mexico-based Molina Healthcare.

Insider breach affects about 2,400 UMass Memorial Medical patients

A former UMass Memorial Medical Center employee accessed patient data, and the information could have been used to open commercial accounts.

Patient data accessible after health staffers act on phishing emails

Unauthorized access may have been gained to the email accounts, which contained patient data, of a small group of Centura Health employees after they responded to phishing emails.

Vendor fired for risking data on 15K Boston Medical Center patients

Boston Medical Center fired a vendor that did not use password protection on a website used by physicians to store patient records.

Humana co. pays HHS $1.7 million after unencrypted laptop breach

A Texas-based company, Concentra, paid the HIPAA settlement stemming from a 2011 breach.

Anonymous might be culprit behind apparent DDoS attack on children's hospital

No evidence directly links the group to the attacks, but clues hint at Anonymous' signature traits.

Tufts Health Plan data stolen, 8,830 members impacted

Roughly 8,830 current and former members of Tufts Health Plan are being notified that their personal information was stolen.

DDoS attack almost crashes children's hospital website

Officials haven't confirmed a DDoS scheme, but noted the attackers hit the hospital's website with large attacks designed to overwhelm it with traffic.

Feds warn health care sector of looming cyber attacks

The FBI believes that the lax security systems that the health care industry has in place make it a prime target for cyber attacks.

Second burglary breach within a month for Coordinated Health

More than 700 Pennsylvania patients have been impacted after Coordinated Health experienced its second burglary-related data breach within a month.

Fate of unencrypted drive unknown, PHI of 5,500 in Virginia at risk

A Virginia-based chiropractic center is not quite sure what happened to an unencrypted thumb drive, which contained personal information - including Social Security numbers - on more than 5,500 patients.

Three laptops stolen from New York podiatry office, 6,475 at risk

Nearly 6,500 patients of New York-based Sims and Associates Podiatry may have had personal information compromised after three laptops were stolen.

Attack exercise reveals threat-sharing roadblock within health orgs

Attack exercise reveals threat-sharing roadblock within health orgs

In the "CyberRx" exercise, many organizations expressed concerns about communicating threat information to integral team members outside IT.

More than 1,400 medical records compromised in Texas breach

More than 1,400 medical records were compromised after unauthorized access was gained to the health records system used by a Texas cardiology clinic.

HHS reveals "high-risk" security issues at Medicaid agencies

HHS reveals "high-risk" security issues at Medicaid agencies

An HHS report, based on audits between 2010 and 2012, noted serious vulnerabilities affecting 10 state Medicaid agencies.

Medical staffers fall for phishing emails, data on 8,300 compromised

Nearly 20 staffers with Washington-based Franciscan Medical Group were tricked by phishing emails, resulting in a compromise of personal information for 8,300 patients.

Network Rx: Health care security

Network Rx: Health care security

With the addition of 15,000 mobile devices accessing its network, a medical center found assurance - and met compliance mandates, reports Greg Masters.

Devices stolen from Palomar Health staffer, data on 5K patients at risk

An encrypted laptop and two unencrypted flash drives containing personal information on 5,000 patients were stolen from a Palomar Health employee.

AvMed breach settlement awards plaintiffs regardless of suffered fraud

AvMed breach settlement awards plaintiffs regardless of suffered fraud

Legal experts say the settlement serves as a small win for plaintiffs, and a much bigger one for their attorneys.

More than 1,000 UK HealthCare patients impacted by stolen laptop

A password protected laptop stolen from Talyst, a provider of pharmacy billing management services, has resulted in the compromise of personal information for more than 1,000 patients of University of Kentucky HealthCare.

About 55K in San Francisco impacted in theft of Sutherland computers

The San Francisco Department of Public Health is warning more than 55,000 patients served in DPH facilities that their personal information may have been compromised in a Feb. 5 breach of Sutherland Healthcare Solutions.

Employee with Minnesota-based insurer risks data of 38K members

Roughly 38,000 members of Minnesota-based HealthPartners may have personal information at risk after an employee brought home electronic files containing the data.

Personal info ends up online, nearly 9,000 Ohio patients affected

A file containing personal information on almost 9,000 patients of HealthSource of Ohio was viewed 47 times in the roughly five-week span it was inadvertently made available on the internet.

Virus compromises sensitive info on 5,400 Colorado hospital patients

Social Security numbers and payment card data is among the personal information that may have been compromised for about 5,400 Colorado patients after a computer virus was identified on some hospital computers.

HHS CISO talks new threat briefings, alerts for health industry

HHS CISO talks new threat briefings, alerts for health industry

On Thursday, Kevin Charest, the U.S. Department of Health and Human Services CISO, spoke to SCMagazine.com about the new initiative.

Unencrypted desktops stolen from Calif. medical center, 10k impacted

Nearly 10,000 patients of University of California San Francisco Family Medicine Center at Lakeshore may have personal information at risk after unencrypted desktop computers containing their data were stolen.

Study: Health care orgs see modest decline in incidence, cost of data breaches

Study: Health care orgs see modest decline in incidence, cost of data breaches

An annual study on patient privacy and security marked improvements on the data breach front, though organizations voiced concerns with health information exchanges (HIEs).

Iowa DHS data breach dates back 2008, more than 2,000 impacted

Information on more than 2,000 individuals leaked outside a secure network because, since 2008, two employees with the Iowa Department of Human Services used personal online accounts and storage devices.

Oregon man received thousands of medical records on his home fax

Personal information on multiple patients was compromised after a Wisconsin hospital unknowingly faxed their records to an Oregon man.

Payroll vendor breached, data on more than 43,000 employees at risk

More than 43,000 former and current employees of Chicago-based Assisted Living Concepts are being notified that their personal data may be at risk after an unauthorized third party gained access to sensitive payroll files.

Roughly 1,100 Indianapolis patients impacted following laptop theft

More than a thousand patients of St. Vincent Indianapolis hospital are being notified that their personal information may have been compromised after a password-protected laptop containing the data was stolen.

Three nursing homes' security info discovered online

Security researchers discovered new documents online containing details about equipment and network firewall passwords that put multiple nursing homes' electronic medical records and payment information at risk.

Missing thumb drive puts 3,500 Texas cancer center patients at risk

More than 3,500 patients of The University of Texas MD Anderson Cancer Center may have had personal information compromised after a researcher's unencrypted USB thumb drive went missing.

Report: U.S. officials suspect developers in Belarus compromised healthcare.gov

U.S. intelligence agencies were concerned that developers, with ties to Belarus, helped "produce the website," The Washington Free Beacon reported.

Texas health system attacked, data on more than 400K compromised

More than 400,000 patients and employees of St. Joseph Health System in Texas are being notified that their personal information may have been accessed following an attack on the health system's computer system.

Apple meets with FDA over mobile medical apps

Apple executives had a discussion with FDA Commissioner Margaret Hamburg in mid-December.

Wisconsin health insurer loses hard drive, 41K members impacted

About 41,000 members of Wisconsin-based Unity Health Insurance are being notified that their personal information may be at risk after a portable hard drive was reported missing.

Hundreds impacted after Washington doctor's laptop is stolen

A laptop containing personal information - including Social Security numbers - on roughly 900 individuals at Washington nursing homes was stolen from the vehicle of a South Sound doctor.

Phishing scam lures three Calif. physicians, patient data compromised

Roughly 1,800 patients of UC Davis Health System in California are being notified that their personal information may be at risk after the email accounts of three physicians were compromised in a phishing scam.

Health care industry to ready itself for simulated attack exercise "CyberRX"

Health care industry to ready itself for simulated attack exercise "CyberRX"

The exercises are expected to occur in March and July and will be conducted in partnership with the U.S. Department of Health and Human Services and major health care companies.

Two employees fired after hospital computer containing PHI is dumped

Two employees at Georgia-based Phoebe Putney Memorial Hospital have been fired after a desktop computer containing information on nearly 6,800 individuals was mistakenly thrown away.

Unsecured file leads to data compromise of 12,000 in Wyoming

Data on nearly 12,000 past and present clients of the Wyoming Department of Health Special Supplemental Nutrition Program for Women, Infants and Children may be at risk after an unsecured file was sent to a partner.

Stolen laptop compromises more than 12,000 New Mexico patients

A laptop stolen from the office of a New Mexico Oncology Hematology Consultants employee may have led to a compromise of unsecured protected health information for more than 12,000 individuals.

Programming error leads to 50K Medicaid cards mailed to wrong addresses

It was a computer programming error in the North Carolina Department of Health and Human Services that led to the Medicaid cards of almost 50,000 children being mailed to wrong addresses.

Virginia hospital employee accesses records for four years, gets fired

An employee with Riverside Health System in Virginia was fired for inappropriately accessing the medical records of nearly 1,000 patients over the span of four years.

Rx for medical devices

Rx for medical devices

Network-connected-and-configured devices can be infected by malware that provides access to patient data, monitoring systems and implanted patient devices.

Stolen laptop impacts 3,500 individuals in South Carolina

Nearly 3,500 members of the South Carolina Health Insurance Pool may have had personal information compromised after a password-protected laptop containing the sensitive data was stolen from an independent auditor's car.

Employee sends info on 2,000 to personal email address, gets fired

An employee with a private contractor for Colorado Medicaid was fired after sending an email to a personal account that contained sensitive information on almost 2,000 people.

Computers stolen from Calif. EDD facility, personal info compromised

An undisclosed number of individuals may have had personal information compromised after a secured California Employment Development Department facility was broken into and computers were stolen.

Former Microsoft exec takes lead in mending healthcare.gov issues

Kurt DelBene will now serve as a senior advisor to the Secretary of Health and Human Services, replacing Jeff Zients, who previously managed healthcare.gov.

Two unencrypted N.J. health insurance laptops stolen, more than 800k impacted

Horizon Blue Cross Blue Shield of New Jersey is notifying more than 800,000 members that their personal information may have been compromised after two unencrypted laptops were stolen.

Patient information in Virginia accessed on unsecured server

The Fairfax County Health Department in Virginia is sending notification letters to roughly 1,500 individuals after one of the county's health care clinics inadvertently left private pharmaceutical records on an unsecured computer server.

House legislators request investigation into FDA hack

Representatives of the Energy and Commerce Committee have asked the FDA to hire experts to investigate the incident which occurred in October.

Staffer compromises more than a thousand Pittsburgh patients

More than a thousand patients treated at a variety of University of Pittsburgh Medical Center locations over the past year are being notified that their personal information was viewed inappropriately by a former employee.

Malware on hospital computer impacts thousands of Seattle patients

A UW Medicine employee opened an email attachment and unknowingly downloaded malware, which led to the compromise of about 90,000 patients of Seattle-based Harborview Medical Center and University of Washington Medical Center.

Researcher lobbies for increased security on medical devices

Researcher lobbies for increased security on medical devices

Jay Radcliffe showed how his insulin pump was vulnerable to a remote takeover.

Florida health employee caught photographing patient data, gets fired

Florida Digestive Health Specialists LLP is notifying about 4,400 patients that a former employee improperly accessed their personal information and photographed the data.

Patients compromised again, second UCSF laptop theft within two months

More than 8,000 patients of University of California, San Francisco are receiving notification letters after a possibly unencrypted laptop that contained the personal information was stolen from a physician's vehicle.

Thousands of California doctors impacted in Anthem breach

Thousands of doctors at Anthem Blue Cross of California are being notified that their personal information was mistakenly posted online.

California hospital notifies patients of missing thumb drive

More than a thousand patients of a California hospital are being notified that their personal information may have been compromised.

Milwaukee contractor loses flash drive, compromises thousands

Thousands of city workers in Milwaukee, as well as their spouses and domestic partners, had personal information compromised after a flash drive that contained the data was stolen.

Unencrypted laptop stolen, 11,000 dialysis patients impacted

More than 11,000 patients and some employees of Colorado-based kidney care company DaVita are being alerted after an unencrypted laptop containing their personal data was stolen from a staffer's vehicle.

(ISC)² intros program to certify security, privacy pros in health care

The HealthCare Information Security and Privacy Practitioner (HCISPP) certification program was introduced on Monday.

Hacker tests biometric device by implanting "Circadia 1.0" in his arm

The device records the wearer's body temperature and uploads the data to any Android device via Bluetooth.

Two nurses' aides guilty for using patient data to commit tax fraud

Two former nurses' aides for Virginia-based nonprofit Sentara Healthcare have pleaded guilty to accessing thousands of electronic patient records and using the information to file fraudulent tax returns.

Missouri hospital fires physician's assistant for accessing patient information

An employee of a staff physician at Boone Hospital Center in Missouri was fired after inappropriately accessing patient information on the hospital network.

Laptops stolen, data of 700k California hospital patients compromised

The theft of two laptops has led to a compromise of personal information, including Social Security numbers, for more than 700k patients of California-based AHMC hospitals.

Dick Cheney's wireless heart monitor was modified to curb hacking threat

In a TV interview, Cheney revealed that the wireless feature of his defibrillator was disabled due to concerns of an assassination attempt.

Wisconsin hospital bills erroneously mailed to unauthorized persons

A system settings error caused financial statements to be mailed to roughly 8,000 people who received care from a Wisconsin hospital, but an undisclosed number were sent to unauthorized persons.

Insecure email puts more than a thousand NC patients at risk

An employee with North Carolina-based CaroMont Health sent out an insecure email containing personal information on more than 1,300 patients.

Burglary compromises info of thousands at Calif. medical center

More than 3,500 patients of University of California San Francisco Medical Center may have had data compromised after a hospital laptop was stolen from an employee's vehicle.

Unauthorized user accesses medical records at Iowa-based health system

Nearly two thousand patients may have personal information at risk after an unauthorized user accessed an electronic medical record system for Iowa-based UnityPoint Health.

Stolen laptop compromises hundreds of Wisconsin hospital patients

Patients treated this year at St. Mary's Janesville Hospital in Wisconsin may have had personal data compromised when a health care laptop was stolen from the car of an employee.

Keeping every body safe: Medical devices

Keeping every body safe: Medical devices

Criminals leverage medical devices for targeted attacks, says Dale Nordenberg of the Medical Device Innovation, Safety and Security Consortium. Karen Epper Hoffman reports.

Unencrypted laptop stolen from Calif. hospital puts patients at risk

Patients of California-based Santa Clara Valley Medical Center had their medical data compromised when an unencrypted laptop was stolen from the audiology department.

Compliance deadline on HIPAA rules brings expanded responsibilities for third parties handling data

Business associates of HIPAA-covered entities are now legally bound to follow the same guidelines when securing patients' protected health information.

Kaiser Permanente employee sends out email containing patient data

A Kaiser Permanente employee sent out an email with an attachment that contained personal information on hundreds of patients.

Study: Medical ID theft victims increasingly report spoofed sites and phishing as cause of fraud

The number of victims fooled by spurious emails or fake websites has doubled since last year, and experts say the scams are still under-reported.

Card information stolen in attack on hospital payment vendor

Card information for thousands of Medical University of South Carolina patients may be at risk following a malicious attack on its third party card payment vendor.

Laptop and flash drive stolen from doctor's car

A laptop and flash drive containing health information for thousands of patients of St. Anthony's Medical Center in St. Louis was stolen from a doctor's car.

FTC files complaint against LabMD after investigating its security practices

The Federal Trade Commission alleges that the medical testing provider exposed the data of more than 9,000 consumers, putting them at risk of identity theft.

Unencrypted medical laptop goes missing, compromising patients

The specialized computer, which works in tandem with a health center medical machine, contained patient data and images.

Email asking how health care nonprofit handles personal data contained personal data

A document containing personal information inadvertently was attached to an Alaska nonprofit's mass distributed email survey, which, among other questions, asks clients how they believe the entity handles their sensitive health care materials.

Data of millions at risk after Illinois medical group burglary

Data of millions at risk after Illinois medical group burglary

Thieves stole four unencrypted computers from an administrative building of Advocate Medical Group in Chicago.

Employee fired for stealing external hard drive containing patient data

Employee fired for stealing external hard drive containing patient data

A medical clinic worker was fired after stealing an external drive containing personal medical information on thousands of patients.

Sign up to our newsletters

POLL