Electronic Health Records

Policy & Regulation News

Texas MD Anderson Cancer Center announces data breach

By Patrick Ouellette

- The same week that Alaska DHSS agreed to pay $1.7 million to the government for an ePHI security breach, another big data breach was reported by the University of Texas MD Anderson Cancer Center.

An MD Anderson unencrypted computer containing patient and research information was stolen from a physician’s home on April 30. The Center investigated the matter and confirmed that the stolen computer contained patient information, such as names, medical record numbers, treatment and research information and some Social Security numbers.

The investigation hasn’t determined who the responsible criminal is and MD Anderson is trying to reproduce the computer’s information. However, more importantly, it started notifying affected patients who may have been affected. To ensure that credit card information remains safe, MD Anderson is offering credit monitoring services for those whose Social Security numbers were included in the data. Furthermore, it has call center support available to those affected.

MD Anderson said that it doesn’t believe the theft was due to the information on the computer, but that seems to be of little consequence at the moment. The unencrypted computer was completely vulnerable to theft and after what happened to DHSS, what type of action the government takes (if any) should be interesting. In its press release, Anderson said that it “takes this incident very seriously and is committed to protecting patient privacy.” If this is the case, it will follow up on its promise to ramp up its employee privacy training and encryption efforts.

  • EHR tool improves care transitions for pediatric patients
  • Accountable care requires more health IT than just EHRs
  • How Could 2015 End Up Driving the Move from Volume to Value?
  • ONC 2015 Edition Health IT Rule Aims at Interoperability
  • IHE, HL7 Renew Deal for Interoperability, FHIR Collaboration
  • Meaningful patient engagement through EHR, social media
  • Blumenthal: Finding the ROI in EHRs is still tough work
  • AHA sues HHS over two-midnight rule, Medicare policies
  • CVS Among Newest Additions to Surescripts Medication Service
  • Ensuring Patient Concerns Don’t Limit Health Data Exchange
  • AMIA Seeks Improvements to PCORI Data Access, Exchange Policy
  • Healthcare Industry Reacts to Stage 3 MU Proposed Rule
  • GAO report: HHS guidance on eRx health privacy is lacking
  • How can EHR lead us back to real conversations in care?
  • ACPE: Accountable care relies on strong physician leaders
  • HHS invests $5.3 million in rural health IT, telehealth
  • Nuance, Epic target efficiency with mobile EHR integration
  • HIMSS Seeks Changes to ONC Health IT Certification Program
  • Attorney tips for healthcare BYOD
  • BCBS of North Dakota Loses $72.9M as Claims Amounts Rise
  • LinkedIn users respond to Top 10 Meaningful Use Challenges
  • ICD-10 checkpoint: Testing, training, and teamwork in Q1
  • Telehealth Integration Enables Mercy to Monitor UNC Patients
  • Do Stage 3 Meaningful Use Requirements Need More Flexibility?
  • Can the semantic web revolutionize healthcare analytics?
  • Will overconfidence spell trouble in Stage 2 Meaningful Use?
  • Latest Health IT Certification Criteria Extends Beyond MU
  • How does medical device integration alter EHR adoption, use?
  • Doctor Shares Components of a Successful EHR Implementation
  • How providers transform EHR implementation into EHR adoption
  • DOD isn’t ready to let go of legacy EHR just yet
  • HIT Standards Committee still weighing EHR certification recommendations
  • What Does Epic’s App Store Mean for EHR Interoperability?
  • Pilots explore lack of health IT workers, funding for CAHs
  • Office-Based Docs Lag in Outward Health Information Exchange
  • Evaluating EHR trouble spots can help boost performance
  • Major Healthcare IT Topics to Watch Out for at HIMSS15
  • VA Completes Another Health Information Exchange Connection
  • Health IT Regulations, Mandates Most Affecting EHR Adoption
  • Federal Health Architecture releases CONNECT 4.0
  • What will drive an increase in EHR replacements in 2014?
  • Factors in physician compensation in 2012
  • AMIA Critiques CMS Proposal for Value-Based Programs
  • Where Do Payers Fit into Population Health Management?
  • ONC details transparency in 2014 Edition EHR certification
  • Minnesota hospitals save $40 million through quality reforms
  • Vanderbilt Study Shows EHR Use Improves Preventive Medicine
  • One quarter of Americans trust mHealth apps as much as their doctor
  • Kaiser Permanente and San Diego Beacon HIE connect to share data
  • ACP Offers EHR Clinical Documentation Improvement Guidelines
  • California creates new $80M health information exchange
  • AHA seeks alignment of quality programs, measures
  • Should psychiatric notes be part of an EHR?
  • athenahealth Makes Big Move into Rural Hospital EHR Market
  • Has Practice Fusion’s review site violated patient privacy?
  • CIO series: Meaningful use lessons, strategies from CIOs
  • Health IT Systems Improve Patient Safety, Workflow in Radiology
  • What dangers does EHR adoption present to patient safety?
  • Meaningful Use Tracker may fit small providers
  • Halamka: How do providers prepare for meaningful use audits?
  • EHNAC Updates Accreditation Criteria for ACO, HIE Programs
  • Certified EHR: Breaking down the ONC fact sheet
  • UPMC study to focus on patient-centered mental health IT
  • Qualities of a viable EHR patient portal
  • HELP Clears Improving Health Information Technology Act
  • AHIMA Patient Data Sharing White Paper Open for Public Comment
  • ECRI: Data integrity, health IT failures top patient risk list
  • Is Stage 1 more challenging than Stage 2 Meaningful Use?
  • AMA’s Madara Clarifies Remarks on Digital Snake Oil, EHR Use
  • ONC, OCR team up to improve patient privacy awareness
  • Engagement critical to Stage 2 Meaningful Use
  • Brooklyn HIE supports mental health patients, coordinates care
  • DoD loses control of health IT budget after fumbling iEHR
  • Patients Happy with Doctor Visits But E-connections Lag
  • HIMSS ties meaningful use to standard patient identifiers
  • Using mHealth to Promote a Healthier Public
  • What’s preventing telehealth use by mental health providers?
  • Survey Shows Many Unprepared for ICD-10 Implementation
  • EDIS Vendors to Lose Ground to Enterprise EHR Vendors
  • AHIMA: Six tips for reducing EHR risks, boosting quality
  • Verizon announces secure cloud messaging service for health data
  • Tenn. REC begins HIE with Direct, promotes EHR adoption
  • Top technical safeguards for health data security
  • Clinical Decision Support Guidelines Open for Public Comment
  • Boston patients exposed to virus due to lack of EHR training
  • CMS Announces MIPS Registration Period for Group Reporting
  • Arizona health system in the red after Epic EHR adoption
  • 359K Providers to Participate Alternative Payment Models in 2017
  • Healthcare fraud leads to enrollment moratoria in hot spots
  • CMS Pre-releases eCQM Changes for the 2018 Reporting Period
  • ICD-10 brings challenges, opportunities to medical coders: Q&A
  • How Health Data Infrastructure Factors into Fee Schedule Policies
  • CIO: ICD-10 tools must be more than “enhanced word processor”
  • Population Analytics Growing into Health IT Integration Role
  • POTUS Budget Proposes Eliminating AHRQ, Reducing ONC Funding
  • ONC challenge uses mHealth to reach parents of toddlers
  • CMS reopens Open Payments, extends physician review
  • EHR vendor selection checklist for small practices
  • Is healthcare spending heading in the right direction?
  • Inefficient health IT costs hospitals $8.3 billion a year
  • Browse the latest EHR, MeaningfulUse and ICD-10 White Papers and Guides 

    Related links:

    ePHI will benefit from more policy not just more technology

    UT law professor examines Utah health data breach

    Data security is everything in EHR selection and Implementation

    More on the South Shore Hospital health data breach

    Stiffer encryption means better protection for PHI or EHR



    Sign up to continue reading and gain Free Access to all our resources.

    Sign up for our free newsletter and join 60,000 of
    your peers to stay up to date with tips and advice on:

    EHR Optimization
    EHR Interoperability
    EHR Replacement

    White Papers, Webcasts, Featured Articles and Exclusive Interviews

    Our privacy policy

    no, thanks