Breach List Grows By 5, Hits 64 CasesIncidents involve theft, loss of devices or documents
The Office for Civil Rights within the U.S. Department of Health and Human Services regularly updates on its Web site a list of organizations that have notified the Department of Health and Human Services about a breach of unsecured health information involving more than 500 individuals. Under the HITECH Act's breach notification rule, such incidents must be reported to HHS and the media within 60 days.
The five most recently added cases are:
As previously reported on HealthcareInfoSecurity.com, the hospital in Southfield, Mich., is notifying patients that an external hard drive containing patient demographic information was recently lost or stolen. The hospital told federal authorities the case involves 83,945 individuals.
John Muir Physician Network
As previously reported on HealthcareInfoSecurity.com, John Muir Health , a Walnut Creek, Calif.-based health system, notified 5,450 patients about a potential breach of information stemming from the theft of two unencrypted laptop computers. The laptops were stolen in February from the John Muir Network Perinatal Office in Walnut Creek. They contained personal and health information going back more than three years.
VHS Genesis Lab Inc.
The Berwyn, Ill.-based facility of this lab company reports that 6,800 mailed client bills dated Jan. 5, 2010, did not arrive at their destinations.
The bills for tests performed in the Chicago area in December 2009 included patient name, date of birth, date of testing and test name.
The company has alerted all clients, including physicians, other labs and other providers, of the error. "We have tightened the mailing process to ensure policies and procedures are strictly followed to prevent future errors," according to a statement on the lab's Web site.
The lab is providing a toll-free number for inquiries and recommending that patients check their credit status for irregularities.
Laboratory Corporation of America's Dianon Systems
The unit of the national lab company reported a Feb. 18 theft in Arizona of a portable electronic device affecting 2,773 individuals. Earlier, Laboratory Corporation of America reported the Feb. 12 theft of a laptop at its Dynacare Northwest unit in Washington state. No further details were available.
University of Pittsburgh Student Health Center
The health center reported the March 11 theft or loss of paper records for 8,000 individuals. No further details were available.