Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email


Children’s Dallas docked $3.2 million over patient privacy breaches

February 2, 2017

Children’s Medical Center of Dallas has paid a penalty of more than $3.2 million to the federal government over privacy breaches dating back to 2007 that left the data for thousands of patients at risk.
The facility voluntarily reported potential disclosures of patient health information, but it did not implement strong safeguards to ensure that the breaches would not happen again, according to a statement issued Wednesday from the U.S. Department of Health and Human Services.
Ensuring security precautions to protect health information is essential, said Robinsue Frohboese, acting director of the Office for Civil Rights in the statement.

“A lack of risk management not only costs individuals the security of their data, but it can also cost covered entities a sizable fine,” she said.

Children’s Health responded Thursday saying that it has fully cooperated with the government’s investigation, and that it does not believe any patient or their family was affected by the incidents.
In 2010, the medical center reported that the personal information for about 3,800 patients had been accessible on an unencrypted, non-password protected BlackBerry device used at the Dallas-Fort Worth International Airport the previous year.
However, according to the federal investigation, they were aware of the potential risk of that kind of incident since at least 2007. A security analysis conducted by the healthcare consulting firm Strategic Management Systems over a 3-month period ending February 2007 uncovered gaps.
So did a separate analysis in 2008 from the consulting firm PwC. It said encryption should be a “high priority” for the medical center, as stolen devices could put patient data at risk.

Still, no security plan was established, and the encryption issue was not corrected on laptops, workstations and other devices distributed to the Children’s workforce until April 2013, the civil rights office investigation found.
That month a laptop was stolen in a separate breach that contained unencrypted data for nearly 2,500 people. Children’s reported the HIPAA (Health Insurance Portability and Accountability Act) violation to the Office of Civil Rights three months later.
In January, the medical center declined its right to request a hearing and challenge the fine, which totaled $3,217,000.
“We have decided to pay the imposed fine because efforts to formally contest the claims would be a long and costly distraction from our mission to make life better for children,” said Scott Summerall, a spokesperson for Children’s Health. “We remain committed to protecting the privacy of our patients.”

Tags: , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
MoviePass CEO Addresses Privacy Concerns, Says App Has Never Monitored Users’ Locations
March 14, 2018

MoviePass CEO Mitch Lowe said he misspoke at a recent industry conference in describing the kinds ...

Read more
Privacy Altcoin Zcash Announces First Network Update, ‘Not Expected’ To Be A Fork
March 5, 2018

Privacy-oriented cryptocurrency Zcash announced the release of their first network upgrade, Zcash Ov...

Read more
Meet Vero: Why a billionaire’s Instagram alternative is suddenly so popular
March 1, 2018

Instagram haters are jumping on a new social media bandwagon. Vero, a photo-sharing app that laun...

Read more
Facebook loses Belgian privacy case, faces a hefty fine
February 19, 2018

A Belgian court threatened Facebook with a fine of up to 100mil euros (RM480mil) if it continued to ...

Read more
featured image 3
Steve Hilton: Silicon Valley’s surveillance capitalism has resulted in Big Tech killing off human privacy
February 12, 2018

The case against Big Tech seems to be building by the week. And interestingly, some of the most powe...

Read more