BlueCross Blue Shield of North Carolina

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 25, 2012
geo: 
Durham , NC
United States
North Carolina US
Records Breached: 

100

A mailing software error caused the private information of current and former Blue Cross Blue Shield members to be mailed to other members.  The error was discovered on April 12.  The records were more than 10 years old and included patient names, Social Security numbers, type of medical care received, and other protected health information.

Source: 
PHIPrivacy.net

Choice Hotels Internationals

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 26, 2012
geo: 
Silver Spring , MD
United States
Maryland US
Records Breached: 

Unknown

An unknown number of customers had their personal information entered into the wrong field in a database.  The information should have been encrypted but was not because of the error. Customers may have received mail with their credit card number, driver's license number, Social Security number, passport number, or any combination of these elements printed on the outside of envelopes. The issue was discovered in late December of 2011.

Source: 
California Attorney General

Saint Mary's Hospital, Naugatuck Valley Community College

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 23, 2012
geo: 
Waterbury , CT
United States
Connecticut US
Records Breached: 

Unknown

A Naugatuck Valley Community College instructor used patient X-rays from St. Mary's Hospital to teach radiology technology.  The instructor obtained the X-rays by using his Saint Mary's employee login to access medical records.  The X-rays were used without permission and contained patient names, dates of birth, and physician notes.  The instructor told students not to disclose the practice.

Source: 
PHIPrivacy.net

University of Arkansas for Medical Sciences (UAMS)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 20, 2012
geo: 
Little Rock , AR
United States
Arkansas US
Records Breached: 

7,000 (No SSNs or financial information reported)

A UAMS physician sent financial data to an individual who was not a member of UAMS's workforce in February of 2012.  Patient identifiers had not been removed from the data and UAMS learned of the error on April 6.  Patients of interventional radiology seen at UAMS between 2009 and 2011 had their names, UAMS account numbers, dates of service, interventional radiology procedures, diagnosis codes, charges, and payments exposed.

Source: 
PHIPrivacy.net

Virginia Military Institute

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Lexington , VA
United States
Virginia US
Records Breached: 

258 (No SSNs or financial information reported)

A Virginia Military Institute (VMI) administrator emailed a spreadsheet with the grade point average of every member of VMI's senior class to the VMI student president.  The email should have only contained an attachment with the names and hometowns of potential 2012 graduates.  The second attachment was not only emailed to the student president, but was then forwarded to 258 senior students before the student president and VMI administration realized the mistake.

Source: 
Dataloss DB

Phoenix Cardiac Surgery, P.C.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Phoenix , AZ
United States
Arizona US
Extra Info: 

Patients in Prescott, Arizona may have also been affected.

Records Breached: 

Unknown

Phoenix Cardiac Surgery inadvertently posted the clinical and surgical appointments of patients on an Internet-based calendar that was publicly accessible.  The error went unnoticed for an unspecified amount of time.  The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigated the error and determined that Phoenix Cardiac Surgery had a number of Health Insurance Portability and Accountability Act (HIPAA) violations.  Phoenix Cardiac Surgery agreed to pay HHS a settlement totalling $100,000 and to comply with HIPAA.

Source: 
PHIPrivacy.net

Texas A&M University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 14, 2012
geo: 
College Station , TX
United States
Texas US
Records Breached: 

4,000

Alumni who graduated before 1985 and requested copies of their transcripts may have been affected by a breach involving accidental disclosure.  Certain alumni had their names, Social Security numbers, addresses, and telephone numbers in an electronic file that was emailed to an individual who would not normally have access to such information.  The person who received the email notified the University.

Source: 
Dataloss DB

Baylor Law School

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 4, 2012
geo: 
Waco , TX
United States
Texas US
Records Breached: 

442 (No SSNs or financial information reported)

An administrative error resulted in recently admitted students receiving an email with the information of all recently admitted students.  Student names, addresses, grades, LSAT scores, race, scholarship amount, and other types of personal information were available in the email attachment. No Social Security numbers or dates of birth were in the emailed spreadsheet.  Students were encouraged to treat the data with the confidentiality of a lawyer and immediately delete the email.  

Source: 
Databreaches.net

Seton Healthcare Family, HealthLOGIX

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 10, 2012
geo: 
Austin , TX
United States
Texas US
Records Breached: 

555 (No SSNs or financial information reported)

A computer mailing error caused Seton member Medicaid health plan cards to be sent to incorrect addresses.  The cards were mailed by Seton's vendor HealthLOGIX on March 9. Seton became aware of the breach when members began calling about receiving the incorrect cards a week after the mistake.  Seton Health Plan members enrolled in the STAR/Medicaid plan were affected and may have had their names and dates of birth exposed.

Source: 
PHIPrivacy.net

City of Providence

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 21, 2012
geo: 
Providence , RI
United States
Rhode Island US
Records Breached: 

3,000

The city of Providence accidentally provided the Social Security numbers of almost 3,000 former employees when releasing information for a public records request.  GoLocalProv filed an Access to Public Records Act request in order to obtain information about pension recipients in Providence.  The city's legal team responded by emailing a .pdf file with retiree names, dates of retirement, dates for cost-of-living-adjustments, and monthly pension received each month.

Source: 
Media

Pages

Showing 1-10 of 832 results
Subscribe to DISC