By Beth Walsh
CMIO
Originally published August 6, 2012
Yet another hospital has suffered a data breach. The administration at Oregon Health & Science University Hospital (OHSU) in Portland is sending letters to the families of 702 pediatric patients after a USB drive containing some of their patient information was stolen. In total, data for more than 14,000 patients was stored on the drive, along with information for about 200 OHSU employees.
The entire story is here.
Editorial note: It is advisable to not take patient data home, whether it is stored on a laptop or in some type of portable storage device such as a jump drive.
Showing posts with label Portable Storage Device. Show all posts
Showing posts with label Portable Storage Device. Show all posts
Tuesday, August 21, 2012
Monday, July 9, 2012
Data breach leads to $1.7M fine for Alaska DHSS
By Erin McCann
Healthcare Finance News
Originally published June 27, 2012
The Alaska Department of Health and Social Services (DHSS) – the state’s Medicaid agency – has agreed to pay $1.7 million to the U.S. Department of Health and Human Services (HHS) to settle possible violations of the HIPAA Security Rule, making it the second largest settlement for HIPAA violations to date.
As part of the settlement, the state has also agreed to take corrective action to properly safeguard the electronic personal health information (PHI) of their Medicaid beneficiaries.
The HHS Office for Civil Rights (OCR) began its investigation following a breach report submitted by Alaska DHSS as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The report indicated that a portable electronic storage device (USB hard drive) possibly containing PHI was stolen from the vehicle of a DHSS employee. PHI from an estimated 2,000 individuals was stored on the device.
The entire story is here.
Editorial Note: Please do not tranfer large amounts of personal data from a secure data bank to a jump drive, lap top or other portable storage device.
Healthcare Finance News
Originally published June 27, 2012
The Alaska Department of Health and Social Services (DHSS) – the state’s Medicaid agency – has agreed to pay $1.7 million to the U.S. Department of Health and Human Services (HHS) to settle possible violations of the HIPAA Security Rule, making it the second largest settlement for HIPAA violations to date. As part of the settlement, the state has also agreed to take corrective action to properly safeguard the electronic personal health information (PHI) of their Medicaid beneficiaries.
The HHS Office for Civil Rights (OCR) began its investigation following a breach report submitted by Alaska DHSS as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The report indicated that a portable electronic storage device (USB hard drive) possibly containing PHI was stolen from the vehicle of a DHSS employee. PHI from an estimated 2,000 individuals was stored on the device.
The entire story is here.
Editorial Note: Please do not tranfer large amounts of personal data from a secure data bank to a jump drive, lap top or other portable storage device.
Subscribe to:
Posts (Atom)