05/21/2012
A report from the Department of Homeland Security finds that the health care industry's adoption of mobile technology poses certain security risks to patient data. The report offers recommendations to boost health care organizations' data security. Government Computer News et al.
05/14/2012
State officials say that personal data on In-Home Supportive Services workers and care recipients might have been compromised when microfiche containing Social Security numbers went missing from a shipment sent by mail. Los Angeles Times, AP/San Jose Mercury News.
04/27/2012
A Stockton laboratory affiliated with St. Joseph's Medical Center had records containing data on at least 700 patients stolen during a break-in that was discovered on Feb. 2, according to hospital officials. The data included Social Security numbers and health insurance information. St. Joseph notified the police and government agencies. Officials also contacted potentially affected patients by mail, offering them no-cost enrollment in a credit-monitoring system. Stockton Record.
04/24/2012
A Sacramento Bee editorial argues that "improving state hospitals should not entail limiting the amount of legitimate information provided to the public." The editorial adds that although the state must comply with federal patient privacy laws, it should "not hide behind privacy laws, obfuscate and otherwise effuse to release fundamental information." Sacramento Bee.
04/11/2012
A class-action lawsuit has been filed against St. Joseph Health System for allegedly allowing data on 31,800 California patients to be searchable online. St. Joseph Health operates several hospitals in California. According to a St. Joseph Health spokesperson, the suit is one of five filed against the health system for accidental release of information. North Bay Business Journal.
03/09/2012
A Department of Managed Health Care official said that in October 2011 the agency posted confidential information online, including physician names and medical conditions, about seven Medicare Advantage beneficiaries and one health insurance agent. Payers & Providers.
03/02/2012
Sacramento County Superior Court will review a class-action lawsuit comprised of 11 individual lawsuits filed in response to a recent data breach at Sutter Health. The cases are being consolidated to maximize resources and avoid duplication. Sacramento Business Journal.
02/17/2012
This week, St. Joseph Health System announced that a recent data breach affecting 21,300 patients at two Orange County hospitals also might have exposed the health records of more than 10,000 patients from four hospitals in Napa, Petaluma and Santa Rosa. Officials said the compromised data did not include Social Security numbers, addresses or financial data. North Bay Business Journal.
02/16/2012
On Wednesday, St. Joseph Health System announced that the health records of 21,300 patients might have been accessible through Internet search engines because of faulty security settings on internal computers at Orange County's Mission Hospital and St. Jude Medical Center. Officials said the compromised data did not include Social Security numbers, addresses or financial information. Orange County Register.
01/05/2012
Los Angeles Times columnist Michael Hiltzik describes a recent situation in which executives from Shasta Regional Medical Center, which is owned by Prime Healthcare Services, showed a patient's medical chart to the Redding Record Searchlight, arguing that the incident violates patient privacy rules because the hospital executives did not obtain the patient's written authorization. "The behavior of Prime and Shasta Regional should provide rich fodder for investigations by state and federal agencies and by U.S. prosecutors in Sacramento, who cover Shasta County," Hiltzik writes. Los Angeles Times.
12/22/2011
Attorneys have filed a class-action lawsuit against the UCLA Health System over a security breach in September that exposed data on 16,288 patients. The suit is seeking as much as $16 million in damages. Modern Healthcare.
12/12/2011
Last week, Vallejo Rite Aid officials announced that prescription drug files on about 3,000 customers have been missing since August. At the end of August, employees at the newly renovated Rite Aid on Solano Avenue realized that several boxes containing prescription records were missing. Spokesperson Ashley Flower said that the company has electronic copies of the files and that the missing files do not contain any credit card or Social Security numbers. Rite Aid retained a risk consulting firm to notify affected customers. Vallejo Times-Herald.
12/05/2011
On Friday, Contra Costa County officials mailed letters to county hospital patients whose names unintentionally appeared online in a public document. Officials said the incident involves patients who were relieved of medical debt last year by county supervisors. An agenda item posted online contained more than 5,000 patient names and financial records, but no medical information. County Administrator David Twa said that the names have been redacted and that the state Department of Public Health was notified. Twa added that the county started an internal investigation last week. Contra Costa Times.
11/30/2011
On Nov. 21, the law firm Dreyer Babich Buccola Wood filed a class-action lawsuit against Sutter Health in a response to a stolen computer containing personal information on more than four million patients. On Nov. 16, the law firm Harris & Rubel filed a similar lawsuit on behalf of a patient against Sutter Medical Foundation and Sutter Physician Services. Both lawsuits allege that Sutter did not have adequate safeguards in place and failed to notify affected patients within 30 days of the incident. eWeek, Becker's Hospital Review.
11/23/2011
Sutter Health patients have filed a lawsuit against the health system following the theft of a computer that contained personal data of more than four million patients. The lawsuit argues that Sutter was negligent in securing data and in notifying affected patients. Sacramento Bee, KCRA.