Welcome! Login | Register
 

7 Reasons To Hire A Personal Trainer—7 Reasons To Hire A Personal Trainer

Depression In Humans – Differences And How To Defeat It 0—Depression In Humans – Differences And How To…

Bellator Announces 2018 Heavyweight World Grand Prix Featuring Chael Sonnen—Bellator Announces 2018 Heavyweight World Grand Prix Featuring…

Instacart Expands Service in Salem, Adds 100 Jobs—Instacart Expands Service in Salem, Adds 100 Jobs

Portland Trail Blazers Early Season Woes Continue In 2017-18 Season—Portland Trail Blazers Early Season Woes Continue In…

Sunday Political Brunch - The Perils of Party Infighting—November 12, 2017—Sunday Political Brunch - The Perils of Party…

NFC West Mid-Season Recap And Review—NFC West Mid-Season Recap And Review

Rogue Ales & Spirits Launches New Beer at University of Portland Basketball Game—Rogue Ales & Spirits Launches New Beer at…

University Of Washington Men’s Basketball – Rebuilding Starts With The Coaching Staff—University Of Washington Men’s Basketball – Rebuilding Starts…

Sunday Political Brunch: President Trump Had a Roller Coaster Week—November 5, 2017—Sunday Political Brunch: President Trump Had a Roller…

 
 

slides: 69,000 Oregonians Hit by Health Data Breaches

Friday, March 06, 2015

 

Over 69,000 Oregonians have been affected by health data security breaches since 2010, according to data maintained by the U.S. Department of Health and Human Services' Office for Civil Rights.  

Fifteen businesses, including Oregon Health and Science University, Portland Veteran Affairs Medical Center, and Lower Umpqua Hospital, each compromised private information for over 500 of their clients. However, some breaches affected as much as 17,000 people.  

SLIDES:  See the Security Breaches BELOW

Health data breaches can lead to medical identity theft, a growing problem with serious consequences for victims, according to Bob Gregg, CEO of ID Experts, a company specializing in data breach prevention and response. 

“It’s not an overstatement to say medical identity theft could kill you,” said Gregg. “It’s the fastest growing identity crime in the country.”  

When records gathered by health organizations are breached, information on medical history and insurance is compromised. Gregg said this information is used to purchase medical supplies and services, or harvested by health providers who use it to bill Medicare or Medicare for services never rendered. 

However, Gregg said the consequences for medical identity theft victims are more serious than having to cancel a credit card. 

“If you got to the ER and you’re unconscious, you can’t talk to the doctors when they pull up your record and your drug allergies or even blood type has been changed,” Gregg said. 

In 2014, 2.3 million Americans were victim to some form of medical identity theft, a 23 percent increase from the previous year, according to a study by the Ponemon Institute. 
The growth is because the montaryvalue of the medical information is 10 to 50 times more valuable than Social Security numbers, according to Gregg. 

Protecting your information
If personal information is compromised in a data breach, it is important to act quickly. Paul Stephens is the Director of Policy and Advocacy at Privacy Rights Clearinghouse, a nonprofit consumer rights and privacy advocate.  

“If it involves your Social Security number, you need to look into a credit report freeze and Social Security freeze. If it’s medical information, you want to monitor the explanation of benefits from your insurance carrier,” Stephens said. 

Of the sixteen health data breaches in Oregon since 2010, 11 resulted from thefts of papers or laptops. Stephens said these cases are generally carelessness on the company or employer’s part. 
“They’ll lose a laptop and it won’t be encrypted,” Stephens said.  

The Government’s Role
Under the federal HITECH Act, health security breaches that affect 500 people or more must be reported to the Secretary of Health and Human Services. 

In Oregon, businesses are required to notify anyone whose information may have been compromised in a breach. However, they do not have to report it to any state regulators, such as the Oregon Attorney General. 
Last December, Oregon Attorney General Ellen Rosenblum urged the Oregon Senate and House Judiciary Committee to expand the state's data breach law and require breaches be reported to her office, giving her enforcment power.  

“As technology changes, so must the legal infrastructure which protects that technology. Oregonians want—and should—know who is collecting their personal information and data, how it is being used and protected, as well as to whom it is being sold,”  Rosenblum said in her testimony.

Only fifteen states have laws that require data breaches be reported to state police. 

Gregg said he has been lobbying this year in Salem, urging legislators to require medical identity monitoring in the case of a breach, along with financial monitoring.  

“90 percent of the public has no clue what medical identity theft is,” Gregg said. “They have to start understanding the biggest risk for citizens of Oregon in breaches of this kind.”

 

Related Slideshow: Oregon Health Data Breaches

The following are health data breach reports from Oregon as listed on the Department of Health and Human Services Office of Civil Rights website

As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. These breaches are now posted in a new, more accessible format that allows users to search and sort the posted breaches. Additionally, this new format includes the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary.

Prev Next

#16

Oregon Health Authority

Individuals Affected: 550

Breach Submission Date: 4/26/2012 

Type of Breach: Theft

Location of Breached Information: Paper/Films 

Prev Next

#15

Kaiser Foundation Health Plan of the Northwest

Individuals Affected: 647

Breach Submission Date: 9/3/2013 

Type of Breach: Unauthorized Access/Disclosure

Location of Breached Information: Unauthorized Access/Disclosure

Prev Next

#14

Oregon Health & Science University

Individuals Affected: 702

Breach Submission Date: 7/31/2012

Type of Breach: Theft

Location of Breached Information: Other

Prev Next

#13

Lincoln County Health and Human Services/Lincoln Community Health Center

Individuals Affected: 959

Breach Submission Date: 6/14/2013

Type of Breach: Unauthorized Access/Disclosure

Location of Breached Information: Paper/Films

Prev Next

#12

Oregon Health & Science University

Individuals Affected: 1076

Breach Submission Date: 4/11/2013

Type of Breach: Theft

Location of Breached Information: Laptop

Prev Next

#11

Treatment Services Northwest

Individuals Affected: 1,200

Breach Submission Date: 7/29/2011

Type of Breach: Theft

Location of Breached Information: Desktop Computer

Prev Next

#10

Albertina Kerr Centers

Individuals Affected: 1,320

Breach Submission Date: 10/6/2014

Type of Breach: Theft

Location of Breached Information: Laptop 

Prev Next

#9

Oregon Health & Science University

Individuals Affected: 1,361

Breach Submission Date: 7/28/2013

Type of Breach: Unauthorized Access/Disclosure

Location of Breached Information: Other

Prev Next

#8

Portland VA Medical Center

Individuals Affected: 1,740

Breach Submission Date: 10/29/2014 

Type of Breach: Theft

Location of Breached Information: Paper/Films

Prev Next

#7

Dr. Trandinh

Individuals Affected: 2,300

Breach Submission Date: 2/20/2012

Type of Breach: Theft, Unauthorized Access/Disclosure

Location of Breached Information: Laptop

Prev Next

#6

Thomas L. Davis, Jr. DDS

Individuals Affected: 3,269

Breach Submission Date: 3/15/2013

Type of Breach: Theft

Location of Breached Information: Desktop computer, electronic medical record 

Prev Next

#5

Eastmoreland Surgical Clinic, William Graham, DO

Individuals Affected: 4,328

Breach Submission Date: 8/20/2010

Type of Breach: Theft

Location of Breached Information: Desktop computer, laptop, other,  

Prev Next

#4

Molalla Family Dental

Individuals Affected: 4,354

Breach Submission Date: 7/16/2012

Type of Breach: Hacking/IT Incident, Other, Unauthorized Access/Disclosure

Location of Breached Information: Network Server

Prev Next

#3

Robert Witham, MD, FACP

Individuals Affected: 11,136

Breach Submission Date: 6/6/2012

Type of Breach: Theft

Location of Breached Information: Desktop computer 

Prev Next

#2

Lower Umpqua Hospital

Individuals Affected: 17,000

Breach Submission Date: 6/8/2011

Type of Breach: Theft

Location of Breached Information: Other, other portable electronic device

Prev Next

#1

Central City Concern

Individuals Affected: 17,914

Breach Submission Date: 5/19/2014

Type of Breach: Unauthorized Access/Disclosure

Location of Breached Information: Other

 
 

Enjoy this post? Share it with others.

 

X

Stay Connected — Free
Daily Email