HIPAA Data Breaches

Touchstone Medical Imaging (“Touchstone”) has agreed to pay $3,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security and Breach Notification Rules. Touchstone, based in Franklin,…

A healthcare IT worker formerly employed by Aspen Hospital is suing the hospital and five of its employees for an alleged HIPAA breach after it was disclosed he had contracted HIV. The former employee, only identified as John Doe in the suit, was also a patient at the hospital. His attorneys, Mari Newman, Darold Killmer…

 4,082 patients of Complete Chiropractic & Bodywork Therapies (CCBT) of Ann Arbor, MI., have been notified of a potential breach of protected health information after malware was discovered on one of the company’s servers. The malware was discovered on March 19, 2016., after the server malfunctioned. The malfunctioning of the server triggering CCBT’s security protocols…

A former employee of CVS, an Over-the-Counter benefits vendor contracted by Molina Healthcare, has been discovered to have stolen the Protected Health Information (PHI) of 54,203 current and former members of Molina Medicare Options Plus HMO SNP. The unnamed employee emailed data from a work computer to a personal email account on March 26, 2015,…

The William W. Backus Hospital has sent breach notification letters to 360 individuals alerting them that their Protected Health Information (PHI) may have been viewed by an unauthorized individual. The information potentially viewed includes patient names, medical record numbers, dates of treatment, and information relating to the diagnoses and treatment provided to patients. The hospital…

Hospital Employee Steals Protected Patient Data to Commit Identity Theft A former employee of the Bethesda Hospital in Boynton Beach, Fla, has been arrested and charged with identity theft; after fraudulently obtaining IDs and credit int he names of 20 individuals, most of which had been patients of the Boynton Beach hospital in which she…

A North East Medical Services HIPAA breach has been reported which exposed the Protected Health Information of almost 70,000 patients after an unencrypted laptop was stolen from the car of a NEMS employee’s car. According to a breach notice sent to the California Department of Public Health, the incident occurred on July 11, 2015. The…

A class action lawsuit has been filed in the Kanawha Circuit Court against Charleston Area Medical Center, for a data breach that occurred between August 2013 and February 2014. The lawsuit has been filed by two plaintiffs who were patients of the medical center at the time of the data breach. Tiffany Mallion and Nickole…

On July 3, 2015, Orlando Health reported a (now former) employee illegally accessed the medical records of up to 3,200 patients while employed at the hospital. The data breach was discovered on May 27, 2015, although it took just over a month for breach notices to be issued. The healthcare provider started sending notifications to…