Electronic Health Records

Policy & Regulation News

Texas MD Anderson Cancer Center announces data breach

By Patrick Ouellette

- The same week that Alaska DHSS agreed to pay $1.7 million to the government for an ePHI security breach, another big data breach was reported by the University of Texas MD Anderson Cancer Center.

An MD Anderson unencrypted computer containing patient and research information was stolen from a physician’s home on April 30. The Center investigated the matter and confirmed that the stolen computer contained patient information, such as names, medical record numbers, treatment and research information and some Social Security numbers.

The investigation hasn’t determined who the responsible criminal is and MD Anderson is trying to reproduce the computer’s information. However, more importantly, it started notifying affected patients who may have been affected. To ensure that credit card information remains safe, MD Anderson is offering credit monitoring services for those whose Social Security numbers were included in the data. Furthermore, it has call center support available to those affected.

MD Anderson said that it doesn’t believe the theft was due to the information on the computer, but that seems to be of little consequence at the moment. The unencrypted computer was completely vulnerable to theft and after what happened to DHSS, what type of action the government takes (if any) should be interesting. In its press release, Anderson said that it “takes this incident very seriously and is committed to protecting patient privacy.” If this is the case, it will follow up on its promise to ramp up its employee privacy training and encryption efforts.

  • Looking ahead: ICD-10 tasks to complete before October 1, 2014
  • CMS Opens Quality Payment Program Hardship Exception Application
  • CMS Pre-releases eCQM Changes for the 2018 Reporting Period
  • 58% of docs dissatisfied with EHRs, loss of productivity
  • UPDATE: Pending Modifications Holding Back EHR Incentive Programs
  • Is your hybrid EHR-paper workflow putting patients at risk?
  • Health 2.0 keynote Q&A with Jonathan Bush
  • You may have been misinformed about Stage 2
  • The Need for Healthcare CIOs to Leverage HIT Messaging Tools
  • Epic EHR Implementation Leads to Cerner EHR Replacement
  • Improved Health Data Exchange at Heart of UVM Epic EHR Plan
  • EHR users to benefit from fiscal-cliff legislation?
  • Can CME delivered through EHRs improve patient outcomes?
  • Physician Progress on Telehealth ‘Small but Significant’
  • How EHR adoption, implementation affects project analysts
  • Is the Triple Aim of Healthcare Achievable Through EHRs?
  • Doctors Facing Payment Penalties in EHR Incentive Programs
  • Hospital Alarm Fitness Boot Camp: Webinar Series on clinical alarm management
  • Health Information Exchange is a Tool, Not a Solution
  • Long-term EHR projects and the short-term healthcare mindset
  • Halamka: How do providers prepare for meaningful use audits?
  • Tavenner receives bipartisan praise during Senate hearing
  • July 15: WEDI, CMS begin meaningful use webinar series
  • Surescripts saw 32% growth in e-prescriptions in 2013
  • Pinaxis wins EHR accessibility challenge with Apollo
  • NC bill would make hospital pricing available through HIE
  • Online physician reviews bring transparency, engagement
  • AMA Questions Data Standards for Physician Compare
  • Complex Clinical Decision Support May Improve Cancer Care
  • Top telemedicine resources, tips, and industry facts
  • HL7 Publishes Release 3 of HIT Standard FHIR for Trial Use
  • Final HIPAA omnibus rule now in effect
  • MEDITECH Web EHR Gains 5 New Health Organizations
  • How style guides sustain effective consistency in EHR design
  • Meritus Epic EHR Selection Came Down to Satisfaction
  • When will mHealth become part of clinical workflows, EHRs?
  • What will be the biggest challenges of Stage 2 Meaningful Use?
  • EHR Data Viewing Tops List of Most Common Healthcare App Uses
  • ICD-10 transition to impact specialists more negatively
  • Electronic Health Data Exchange Eludes Small, Rural Hospitals
  • ICD-10 update: Readiness comments should recall 5010
  • FDA Commissioner Margaret Hamburg Resigns Her Position
  • Using EHR, HIE to share vaccine data improves public health
  • VA Cerner Implementation Contract Likely to Top Out at $10B
  • Will Senate Bill Help to End the EHR Incentive Programs?
  • Providers turn to ICD-10 collaboratives to ease implementation burdens
  • How health IT architecture, data repositories benefits ACOs
  • Understanding Large-Scale Health System EHR Implementations
  • Physical therapy straw owner sentenced in Medicare fraud case
  • AHA Stresses Need for Defining Interoperability in IMPACT Act
  • HHS tackles EHR, data disaster preparedness through HIE
  • FDA issues recall of McKesson Anesthesia Care Record
  • Congress asks for details on ICD-10 delay, CMS plan for 2015
  • GAO: Poor project planning, management doomed VA-DoD iEHR
  • S&P report: Healthcare spending declining
  • Revised 21st Century Cures Act Targets Effective EHR Use
  • CIO series: Ardent Health’s Mark Gilliam
  • FAQ Addresses Transitions of Care Meaningful Use Objective
  • Interoperability Under MACRA Must Provide Standard HIE Tools
  • ONC Contest Moves API-Enabled Health Data Exchange Forward
  • CMS Considers Reducing 2015 Meaningful Use Requirements
  • Could Automation Solve the Healthcare Industry’s EHR Problem?
  • “Era of unhappy doctors” brought on by burnout, revenue woes
  • FDA clinical analytics tool scours data for adverse events
  • Mercy Health System Recognized as Top Epic EHR User
  • AHIMA: Half of providers plan to go ahead with ICD-10 anyway
  • Texas Medical Association Sounds Off on Stage 3 Final Rule
  • Which types of providers are closer to ICD-10 compliance?
  • CMS Presents New Opportunity for ICD-10 End-to-End Testing
  • Class-action lawsuit filed against Allscripts in Florida
  • FDA recognizes need for medical device interoperability standards
  • Mercy Extends Epic EHR Services to Californian Health System
  • How HealthKit integrates with EHR technology; why it matters
  • EHR adoption rates climb, meaningful use continues to lag
  • HIMSS survey: 93% of physicians use mobile health technology daily
  • Carequality launches to advance HIE network interoperability
  • Physician series: Charles Owen, MD on EHRs in the emergency room
  • Feb. 28 meaningful use attestation deadline coming up quickly
  • Top EHR vendors join CommonWell Alliance to boost interoperability
  • Rocky Cerner EHR Implementation Spurs Conflict, Billing Problems
  • Researchers link DNA with EHRs, leverage data for genomic research
  • How did a rural NH hospital achieve Stage 2 Meaningful Use?
  • CORHIO adds HealthONE system to HIE
  • E-Prescribing to Benefit from Electronic Transactions Changes
  • NEJM: Open EHR notes have a bright future as acceptance grows
  • Making Readmission Data Actionable for Physician EHR Users
  • Horizon BCBS of New Jersey, LHS Health Network create ACO
  • ONC Addresses MACRA Health Data Interoperability, HIE Measures
  • Will sequestration hurt ACOs and health IT initiatives?
  • Do PCMHs really reduce emergency room use and save money?
  • Pundits offer predictions for healthcare, health IT in 2014
  • How consultants add value to your EHR adoption, project team
  • 68% of patients would be interested in telehealth consults
  • ICD-10 countdown: What’s your contingency plan?
  • How can health IT positively impact human interaction?
  • CHIME Calls for Meaningful Use Changes in MACRA Comments
  • Social Security Joins CommonWell’s Push for Interoperability
  • Fate of 21st Century Cures Act Depends on Federal Leadership
  • EHR, HIE, and HIT Research Roundup: March 28
  • McKesson to Sell Several Ambulatory EHR Products to e-MDs
  • Browse the latest EHR, MeaningfulUse and ICD-10 White Papers and Guides 

    Related links:

    ePHI will benefit from more policy not just more technology

    UT law professor examines Utah health data breach

    Data security is everything in EHR selection and Implementation

    More on the South Shore Hospital health data breach

    Stiffer encryption means better protection for PHI or EHR

    Continue to site...