San Francisco public health officials had to notify nearly 56,000 patients that their personal information may have been compromised by theft of eight unencrypted laptops.
How could this have been avoided? Secure all doors to the building and encrypt all laptops!
Penn State Hershey Medical Center had to notify approximately 1,800 patients that an employee used his personal computer, personal flash drive, and personal email address to access protected health information.
How could this have been avoided? Educate employees on HIPAA policies and procedures!
The University of Cincinnati Medical Center, along with two employees, is being sued because an employee allegedly posted a patient’s private medical information on Facebook.
How could this have been avoided? Even if a patient’s name is not included, never post any patient information on a social media site!