Breach List Grows By 5, Hits 64 Cases

Incidents involve theft, loss of devices or documents
Breach List Grows By 5, Hits 64 Cases
Five more breaches, all involving the theft or loss of devices or paper documents, have been added in recent days to the official federal tally of major healthcare incidents. The list now totals 64 cases dating back to September 2009, when new federal breach reporting requirements kicked in.

The Office for Civil Rights within the U.S. Department of Health and Human Services regularly updates on its Web site a list of organizations that have notified the Department of Health and Human Services about a breach of unsecured health information involving more than 500 individuals. Under the HITECH Act's breach notification rule, such incidents must be reported to HHS and the media within 60 days.

The five most recently added cases are:

Providence Hospital

As previously reported on, the hospital in Southfield, Mich., is notifying patients that an external hard drive containing patient demographic information was recently lost or stolen. The hospital told federal authorities the case involves 83,945 individuals.

John Muir Physician Network

As previously reported on, John Muir Health , a Walnut Creek, Calif.-based health system, notified 5,450 patients about a potential breach of information stemming from the theft of two unencrypted laptop computers. The laptops were stolen in February from the John Muir Network Perinatal Office in Walnut Creek. They contained personal and health information going back more than three years.

VHS Genesis Lab Inc.

The Berwyn, Ill.-based facility of this lab company reports that 6,800 mailed client bills dated Jan. 5, 2010, did not arrive at their destinations.

The bills for tests performed in the Chicago area in December 2009 included patient name, date of birth, date of testing and test name.

The company has alerted all clients, including physicians, other labs and other providers, of the error. "We have tightened the mailing process to ensure policies and procedures are strictly followed to prevent future errors," according to a statement on the lab's Web site.

The lab is providing a toll-free number for inquiries and recommending that patients check their credit status for irregularities.

Laboratory Corporation of America's Dianon Systems

The unit of the national lab company reported a Feb. 18 theft in Arizona of a portable electronic device affecting 2,773 individuals. Earlier, Laboratory Corporation of America reported the Feb. 12 theft of a laptop at its Dynacare Northwest unit in Washington state. No further details were available.

University of Pittsburgh Student Health Center

The health center reported the March 11 theft or loss of paper records for 8,000 individuals. No further details were available.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.