Data Breach – Horizon Blue Cross – two data breaches in five years

Looking for information about the 2016 mis-mailing of EOB’s to Horizon Blue Cross Blue Shield of New Jersey (Horizon BCBSNJ) members?  Read-> Data Breaches Again at Horizon BCBSNJ Horizon Blue Cross Blue Shield of New Jersey – Two data breaches in five years. [Updated 18 December 2013*] Earlier this week 839,711 members of Horizon Blue Cross Blue Shield of New …

Data breaches in healthcare – The UW data breach

Data breach at the University of Washington – October 2013 In early October 2013 a University of Washington Medicine (UW Medicine) employee opened an email attachment and in doing so launched a piece of malicious software (aka *malware*). The employee’s computer was taken over by the malware and with that action approximately 90,000 patients had their data accessed by criminal …

Bringing the Social Media #Revolution to Health Care

Social Media and Healthcare On the 18th of October, the Mayo Clinic Center for Social Media announced the publication of Bringing the Social Media Revolution to Health Care (Mayo Clinic) – for those involved in the health care vertical and with social media responsibilities you owe it to yourself to get this book. More than 20 individual contributors made this …

Patient Data: The Crown Jewels (Mayo Blog)

I have always been an advocate of protecting one’s personal information and privacy and was personally pleased when the HIPAA standards came into being, as this raised the tide for all medical care providers to a common level of information protection. Indeed doctors, dentists, insurers, health organizations, hospitals and clinics all moved to have their data handling and storage reviewed and certified as being HIPAA compliant.

Sadly, being compliant is not synonymous with being secure. According to the Privacy Rights Clearinghouse there have been more than 87 separate data breaches made public from January 1 – June 10, 2011, which in aggregate affected more than 5,000,000 individuals’ records. Let’s look at the variety of ways patient data were compromised and how every one of these losses was avoidable.