Electronic Health Records

Policy & Regulation News

Texas MD Anderson Cancer Center announces data breach

By Patrick Ouellette

- The same week that Alaska DHSS agreed to pay $1.7 million to the government for an ePHI security breach, another big data breach was reported by the University of Texas MD Anderson Cancer Center.

An MD Anderson unencrypted computer containing patient and research information was stolen from a physician’s home on April 30. The Center investigated the matter and confirmed that the stolen computer contained patient information, such as names, medical record numbers, treatment and research information and some Social Security numbers.

The investigation hasn’t determined who the responsible criminal is and MD Anderson is trying to reproduce the computer’s information. However, more importantly, it started notifying affected patients who may have been affected. To ensure that credit card information remains safe, MD Anderson is offering credit monitoring services for those whose Social Security numbers were included in the data. Furthermore, it has call center support available to those affected.

MD Anderson said that it doesn’t believe the theft was due to the information on the computer, but that seems to be of little consequence at the moment. The unencrypted computer was completely vulnerable to theft and after what happened to DHSS, what type of action the government takes (if any) should be interesting. In its press release, Anderson said that it “takes this incident very seriously and is committed to protecting patient privacy.” If this is the case, it will follow up on its promise to ramp up its employee privacy training and encryption efforts.

  • ONC Report to Congress Tackles Risks of Information Blocking
  • New York HIEs Merge, Bring State Closer to Interoperability
  • Alarm simplification can avoid fatigue, boost patient safety
  • How Will MACRA Legislation Affect Small Physician Practices?
  • HL7, HSPC Partner to Initiate Interoperability FHIR Projects
  • Congress: We’ll only fund a single, joint EHR for DoD, VA
  • 33% of patients don’t know if they have patient portal access
  • DoD Awards $139M Contract for Patient Engagement, Access
  • Why data ownership, use could stifle health data sharing
  • ICD-10 update: Readiness comments should recall 5010
  • ONC calls on nurses to know their EHRs
  • E-Health Records Don’t Always Equal Reduced Costs
  • Recent Ransomware Attacks Show Need for EHR Downtime Plans
  • Will the healthcare industry ever really change?
  • Meaningful use expected to make significant headway in 2013
  • ICD-10 transition and your practice
  • Informatics Nursing Key to Population Health Management
  • Wide River TEC reaches REC milestone
  • Physician EHR Use, Workload Trumping Face Time with Patients
  • VA Invests in Clinical Decision Support Tool Standardization
  • Patient engagement becomes critical as care gets accountable
  • How do HIE, alerts foster improvements to care coordination?
  • HITPC considers impact of CommonWell Alliance on HIE
  • Why should you participate in ICD-10 acknowledgement testing?
  • ONC Clarifies Health IT Interoperability Under HIPAA
  • ONC to Promote Interoperability in Patient Matching Challenge
  • CMS Does a Poor Job on Healthcare Cost, Quality Data, GAO Says
  • 4 Barriers Limiting EHR Use, Health Information Exchange
  • What the 3M Healthcare Data Dictionary means to interoperability
  • Bill Aims to Limit Oversight of Clinical Decision Support
  • Mercy makes its Epic EHR expertise commercially available
  • Allscripts receives second round of private-equity bids
  • ICD-10 Delay, Meaningful Use Changes Rocked Healthcare in 2014
  • How consultants add value to your EHR adoption, project team
  • Physician EHR Use Increases, Health Data Exchange Still Lags
  • HHS names Karen DeSalvo next National Coordinator for HIT
  • 90% of Providers Believe EHR Interoperability Improves Care
  • Allscripts CEO: Q4 2012 Results Didn’t Meet Expectations
  • Medicare 30-day readmission penalties sting hospitals
  • How will state-level HIEs achieve sustainability, success?
  • DoD EHR Modernization Project Hits Snags, to Be Delayed
  • Maryland Governor details state’s path to HIE success
  • How Federal Agencies Acted to Aid EHR Interoperability in 2015
  • Two MA Hospitals Make Health IT Interoperability Investments
  • Where do patient engagement and empowerment differ?
  • What’s Ahead for Healthcare CIOs at the CHIME Fall Forum?
  • CommonWell First to Use Argonaut Project FHIR Specifications
  • Vendor dispute leaves rural practice without EHR data access
  • Healthcare Leadership Council Joins Coalition for ICD-10
  • Recapping Final Stage 2 Meaningful Use Modifications Rule
  • Where are the findings from the meaningful use audits?
  • HELP Committee Again Seeks Delay of Stage 3 Meaningful Use
  • Health data breaches and responses
  • Kansas REC receives EHR adoption grant extension from ONC
  • Beth Israel Deaconess Data Breach Update
  • UK Hospital Earns Most Wired for Use of Epic EHR Technology
  • Technical requirements for practices in meaningful use
  • How document types affect meaningful use, readmissions
  • Why are providers suddenly so confident about ICD-10?
  • EHR Downtime Results from Ransomware Attacks at CA, IN Hospitals
  • Study: Patients lack confidence in clinical decision support
  • Major Health System Joins California Data Exchange
  • Clinical Trial Success Relies on Health Data Interoperability
  • Two MO Healthcare Providers Tap Cerner for EHR Implementation
  • 55 hospitals to pay $34 million in Medicare fraud settlement
  • VA CIO Nominee Emphasizes Health Data Interoperability
  • Three Recent Major Health Information Exchange Developments
  • California, Pennsylvania HIEs Make Health Data Exchange News
  • Cerner, Epic EHR Hospitals to Share Patient EHRs in NC
  • HITPC: Stage 3 Meaningful Use to focus on patient safety, quality
  • Arkansas Legislature Considers Health IT Legislation
  • School health information exchange off to slow start in PA
  • Erroneous EHR Incentive Payments Trouble Two More States
  • Does MACRA Implementation Require New EHR Safe Harbors?
  • Two Adventist Hospitals Recognized for Exemplary EHR Use
  • Maine HIE puts focus on population health
  • Anthem BCBS, Franciscan Alliance to launch ACO in April
  • ONC explores Blue Button access for immunization records
  • Mostashari and the journey to meaningful use, EHR adoption
  • CMS Requests Feedback on New eCQMs for Inpatient Hospitals
  • GOP Senators seek details about meaningful use exemption
  • CIO series: Spaulding Rehab’s John Campbell
  • Priorities, leadership can lead rural, community hospitals to meaningful use
  • EHR notes, data analytics help track off-label drug use
  • BCBSTX, Tenet Healthcare to create statewide ACO
  • ONC, OCR team up to improve patient privacy awareness
  • OSU Wexner Medical Center Captures Second Davies Award
  • How EHR Data Exchange Drives Healthcare Reform, Improvement
  • Epic EHR Latest Addition to Walgreens HIT Infrastructure
  • Veterans Affairs: We want the DOD to pick us for its new EHR
  • How will vendors prep for ICD-10, Stage 2 MU after the delay?
  • AHA Advises MedPAC on Implementing MACRA, MIPS, APM Policies
  • Horizon BCBS of New Jersey, LHS Health Network create ACO
  • New Jersey Overpays $2.3M in Medicaid EHR Incentive Payments
  • ICD-10 delayed til 2014
  • Cash over quality: Medicare pays 190% more for faulty surgeries
  • CMS Reviews Exclusions for Meaningful Use Reporting in 2016
  • Health IT Safety Center to Face Myriad Challenges in Future
  • Will sequestration hurt ACOs and health IT initiatives?
  • CMS Presents New Opportunity for ICD-10 End-to-End Testing
  • Browse the latest EHR, MeaningfulUse and ICD-10 White Papers and Guides 

    Related links:

    ePHI will benefit from more policy not just more technology

    UT law professor examines Utah health data breach

    Data security is everything in EHR selection and Implementation

    More on the South Shore Hospital health data breach

    Stiffer encryption means better protection for PHI or EHR

    Continue to site...