A New Hampshire radiology practice is notifying more than 230,000 patients that they may have been affected by a healthcare information breach incident involving hackers using a server to gain bandwidth to play a video game.
What's embarrassing about the WikiLeaks episode isn't just the precarious position the publication of diplomatic cables put the U.S. in with its allies but the likelihood that one, low-level analyst accessed sensitive data without authorization and then leaked them.
About 400,000 Puerto Ricans enrolled in the government's health insurance plan for the impoverished have potentially been affected by a breach incident involving unauthorized access to an Internet database.
Staff training, aggressive breach prevention efforts and strong sanctions for violating policies are key to creating a corporate culture that values privacy and security, says Alan Dowling, the new CEO of the American Health Information Management Association.
American consumers need to know that personal health records must follow government-mandated guidelines for ensuring privacy and security, just as is the case for electronic health records. Otherwise, the use of PHRs may never become widespread.
In the year since the breach notification rule for personal health records took effect, no major breaches affecting 500 or more individuals have been reported, according to the Federal Trade Commission.