PHI Breach for Major Eye Care Group in Northern California

[InfoSec News <alerts () infosecnews org>]

http://www.healthdatamanagement.com/news/breach-notification-hipaa-privacy-security-46476-1.html

By Joseph Goedert
Health Data Management
Aug 12, 2013

Retinal Consultants Medical Group in Sacramento, with 10 offices serving 
Northern California, has announced the theft of an unencrypted laptop 
computer.

The organization has issued notifications but has not disclosed the number 
of affected patients, which it will have to do when it files a report with 
the HHS Office for Civil Rights, which enforces the HIPAA breach 
notification rule. The privacy officer for Retinal Consultants did not 
return a telephone call seeking information on the scope of the breach and 
whether affected patients are being offered credit/identity theft 
protective services, although the notification does not mention such 
services.

"In compliance with California and federal law, patients affected by the 
security breach are being notified of the incident, and, although the 
company is not aware of any access or misuse of the PHI by an unauthorized 
individual, they are strongly encouraged to take steps to eliminate or 
minimize any potential harm that could be caused by the theft," according 
to the notification. "This includes, but is not limited to, obtaining 
credit reports from one or more of the major credit reporting agencies, 
and monitoring financial and banking accounts for unauthorized activity."

[...]



--
Find the best InfoSec talent without breaking your budget!
Post a Job! $99 for 31 days
http://www.hotinfosecjobs.com/