Midland Memorial Hospice in Texas, as well as Washington Health System Greene in Pennsylvania, have declared they have found patients’ PHI has been disclosed.
Washington Health System Greene Learns Hard Drive Lost
Washington Health System Greene is warning 4,145 patients that a few of their PHI have been disclosed following a hard drive was found to be lost.
A moveable hard drive utilized with a bone densitometry device in the Radiology division was found to be disappeared on October 11, 2017. Even though it’s probable that the hard drive might have been lost, a hunt of the hospital didn’t find the hard drive, and the lost hard drive has been informed to the Pennsylvania State Police Department like a possible thievery.
The lost hard drive had data on patients who went to the hospice for bone mass tests from 2007 to October 11, 2017. The data saved on the lost hard drive was restricted to names, weight, race, height, and gender, whereas a few patients also had particulars of health problems, the name of their recommending doctor, as well as medical file numbers saved on the hard drive. No insurance details, Social Security numbers, financial information, or other highly confidential information was disclosed.
As needed by HIPAA, patients have been alerted to the breach. Because of the restricted character of files disclosed, even if the hard drive has been thieved, Washington Health Greene doesn’t think patients are at a danger of fraud or identity theft.
Midland Memorial Hospice Finds Electronic mail Account Undermined
Midland Memorial Hospice has faced a breach of a restricted number of patients’ PHI. Over 1K patients are assumed to have been impacted.
Midland Memorial Hospice found an illegal person accessed the electronic mail account of a worker at the hospice, in what seems to be a tried Business Email Compromise (BEC) attack. The purpose of the assailant seemed to be to trick workers into executing bank account transmissions to an incorrect bank account.
The breach was found on October 13, 2017, having entry to the electronic mail account thought to have been gained on or about October 10. On detection of the safety breach, access to the electronic mail account was ended and a complete inquiry was carried out. The electronic mail account was revealed to have some PHI which included first and last names, account numbers, medical record numbers, and info pertaining to radiology processes which had been carried out at the hospice from August to September 2017. No driver’s license numbers, financial information, or Social Security numbers were disclosed, and no proof has been found to indicate any patient information has been utilized incorrectly.
Midland Memorial Hospice has taken measures to avoid more cases of this type from happening, including reviewing procedures and policies and retraining workforce.