Electronic Health Records

Policy & Regulation News

Texas MD Anderson Cancer Center announces data breach

By Patrick Ouellette

- The same week that Alaska DHSS agreed to pay $1.7 million to the government for an ePHI security breach, another big data breach was reported by the University of Texas MD Anderson Cancer Center.

An MD Anderson unencrypted computer containing patient and research information was stolen from a physician’s home on April 30. The Center investigated the matter and confirmed that the stolen computer contained patient information, such as names, medical record numbers, treatment and research information and some Social Security numbers.

The investigation hasn’t determined who the responsible criminal is and MD Anderson is trying to reproduce the computer’s information. However, more importantly, it started notifying affected patients who may have been affected. To ensure that credit card information remains safe, MD Anderson is offering credit monitoring services for those whose Social Security numbers were included in the data. Furthermore, it has call center support available to those affected.

MD Anderson said that it doesn’t believe the theft was due to the information on the computer, but that seems to be of little consequence at the moment. The unencrypted computer was completely vulnerable to theft and after what happened to DHSS, what type of action the government takes (if any) should be interesting. In its press release, Anderson said that it “takes this incident very seriously and is committed to protecting patient privacy.” If this is the case, it will follow up on its promise to ramp up its employee privacy training and encryption efforts.

  • What keeps the lights on during health IT adoption, support?
  • Q&A: Device interoperability opens world of accountable care
  • Meeting health IT staffing needs of meaningful use, HIE
  • Senators form alliance to promote expansion of telehealth
  • mHealth World Congress: Cleveland Clinic on mobility
  • Here’s how to volunteer for the ICD-10 end-to-end test pilot
  • Optum Institute finds patient engagement lacking
  • Kansas REC receives EHR adoption grant extension from ONC
  • New Fee Schedule Raises Healthcare Interoperability Concerns
  • Physicians are ready, willing, but not quite able to qualify for meaningful use
  • Health information exchange at Mass HIway to take next step
  • HIMSS15: ICD-10 Transition, Partnerships, and Speakers
  • ONC brief: RECs help FQHCs adopt EHR, achieve meaningful use
  • Mostashari defends meaningful use before Finance Committee
  • NYeC seeks patient engagement, analytics entrepreneurs
  • Primary Care Study Shows Health IT Integration on the Rise
  • Week Ahead in Health IT Interoperability: Sept. 28-Oct. 4
  • Where are the findings from the meaningful use audits?
  • Telehealth gets Congressional attention with letter, new bill
  • DirectTrust Experiences Continued Growth in Health Data Exchange
  • For Stage 2 Meaningful Use Attestation, Pick a Larger EHR Vendor
  • EHR Health Data Collection to Impact Health Industry Shift
  • Advocates Call for Immediate 2015 Meaningful Use Changes
  • Do patients understand their right to access their electronic health records?
  • What Vitera’s acquisition of SuccessEHS means to providers
  • OIG Found Inaccurate EHR Incentive Payments in Arkansas
  • State HIE experiences show challenges, successes at HIMSS13
  • Simple, connected mHealth is the key to patient engagement
  • Health IT Standard eDOS Enables EHR Interoperability, Savings
  • mHealth market projected to grow by billions in years ahead
  • AHIMA Patient Data Sharing White Paper Open for Public Comment
  • MGMA wants a moratorium on Medicare meaningful use penalties
  • Cerner, athenahealth work on EHR integration with HealthKit
  • eClinicalWorks Enters Two New Partnerships to Enhance EHR Use
  • Remediation in the EHR-enabled clinic
  • Two Arizona HIOs collaborate for expanded statewide HIE
  • The business case for big data and healthcare analytics
  • For ICD-10 Success, Make the Time to Test Early and Often
  • ONC: Interoperability, meaningful use are works in progress
  • Vendor dispute leaves rural practice without EHR data access
  • mHealth apps will be worth $26B by 2017 and reach 1.7B users
  • Pediatric telehealth UCLA shows positive results for obesity
  • How can patient engagement counteract DTC prescription ads?
  • Patient Views on EHR Use Tied to Limited Health Literacy
  • How Efficient EHR Use Can Improve Chronic Disease Management
  • Calculating different EHR incentive payments
  • Why Postponing ICD-10 Compliance Deadline Causes Setback
  • AHA: Medicare should expand data transparency, availability
  • Oregon embraces OpenNotes, lets patients view EHR data
  • Tripathi: Clinical analytics and HIE provide rich, timely data
  • EHR improves preventive care with PHR
  • HHS names Karen DeSalvo next National Coordinator for HIT
  • Allscripts to close 12 offices, 1 warehouse in North America
  • Do PCMHs really reduce emergency room use and save money?
  • ICD-10 education, CDI training must be flexible for physicians
  • Where Health Information Exchange Fits in Care Management
  • CVS Offering Prescription Benefit Information Through Surescripts
  • How Orion Health extends HIE functionality
  • Telehealth law to create federal definition, provide guidance
  • Using Meaningful Use, ICD-10 to Build a Successful Practice
  • KPMG survey: Low readiness for Stage 2 Meaningful Use
  • CORHIO, medical unit partner to reduce ER visits through HIE
  • Medical scribe certification may ease EHR data entry burdens
  • Administrative challenges of meaningful use attestation: Q&A
  • Why is EHR certification endangering Stage 2 Meaningful Use?
  • Indiana Moves to Dismiss Lawsuit Tied to Medicaid Meaningful Use
  • athenahealth Leads Epic, Cerner in Ease of EHR Data Sharing
  • 51 Colorado Beacon providers celebrate 2012 quality improvements
  • Few Providers Satisfied with EHR System Success in QPP
  • Why are payers concerned with patient engagement strategies?
  • Study shows dictation with EHR means worse care
  • MU Health Wins HIMSS Davies Award for Health IT, EHR Use
  • Scammers exploit seniors’ interest in mHealth, home monitoring
  • CMS Issues 3 FAQs on Meaningful Use Public Health Reporting
  • Will LACIE, KHIN learn to share before looming Sept. deadline?
  • Leadership shuffle atop the VA continues following scandal
  • Benefits of VDI Implementation to Physician Productivity
  • Pew Calls on VA to Prioritize Health Data Exchange, Safety
  • Is current EHR technology ready for accountable care?
  • UC Davis releases buyer’s guide for HIE-capable EHR systems
  • Physician series: Beyond meaningful use with Winfield Young, MD
  • HITPC moves for better EHR-supported HIE in Stage 3
  • Top EHR Twitter resources
  • CMS Outlines 2015 PQRS Reporting Challenges, Trends
  • CMS reminds eligible providers of July 1 hardship exemption
  • Transition to Value-Based Care Requires Health Data Exchange
  • AMA: Cost of ICD-10 will be prohibitive for most providers
  • Texas MD Anderson endures second data breach
  • ONC Health Data Exchange Framework Enjoying Support of Industry
  • Popular EHR Products Score Low on EHR Usability Framework
  • Why Thorough EHR Adoption Must Precede Population Health
  • IOM: Healthcare must work smarter to support physicians
  • Ensuring Your EHR System Meets MACRA Requirements in 2017
  • Top Features, Functions to Advance Direct Interoperability
  • Cerner Releases Consumer-Facing EHR to Improve Interoperability
  • Groups weigh in on SGR repeal plans, Medicare payment freeze
  • South Carolina limits fees for copying medical records
  • EHR Use Assists Warfarin Patients during Transitions of Care
  • Neurologist Joins Push to Abandon ICD-10 Implementation
  • Lakeland, FL hospitals use EHR to monitor quality of graduate education
  • Browse the latest EHR, MeaningfulUse and ICD-10 White Papers and Guides 

    Related links:

    ePHI will benefit from more policy not just more technology

    UT law professor examines Utah health data breach

    Data security is everything in EHR selection and Implementation

    More on the South Shore Hospital health data breach

    Stiffer encryption means better protection for PHI or EHR