Data breaches reported from 12 medical facilities last month
A dozen medical data breaches were added to the Privacy Rights Clearinghouse list last month – and that doesn’t even include Affinity Health Plan’s leaving personal information of more than 400,000 people on their digital copier when the lease was up.
- Our Lady of Peace (Louisville, KY)
Someone lost or stole a flash drive containing personal information of nearly 25,000 of the psychiatric hospital’s patients. Some of the records are from as far back as 2002. - St. Jude Heritage Medical Group (Orange, CA)
Five computers storing the information of 20,000 patients were stolen during a break-in. In this case, the info included names, birth dates and Social Security numbers; some patients’ health information was also on the computers. - The Medical Center (Bowling Green, KY)
- Hutcheson Medical Center and a plastic surgery center (Chattanooga, TN)
Thousands of patient files dating back to 1998 were sent to the Dupont Recyling Center. Information within the files included personally identifying info. Patients who underwent plastic surgery will be mortified to know their photos were also up for grabs. (This data breach actually occurred May 2009, but just made the list April 2010.) - DRC Physical Therapy Plus (Monticello, NY)
Thousands of patients’ records were unceremoniously dumped when the business folded. Police impounded a dump truck loaded with boxes of files and removed another 12 boxes of patient records from the bucket of a front-end loader.
Someone stole a hard drive that contained the info of women who had bone density testing at the mammography suite between 1997 and 2009.
