Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Stolen briefcase exposed data of 4,056 cancer patients at Moffitt Cancer Center
WFLA 8 News ^ | 9-11-2020 | WFLA 8 On Your Side Staff

Posted on 09/12/2020 4:11:55 AM PDT by NautiNurse

TAMPA (WFLA) – Moffitt Cancer Center is notifying patients that a briefcase containing personal patient information was stolen from a physician’s car in July.

According to the cancer center on July 4, Moffitt learned about the potential breach that affected over 4,000 patents.

The briefcase contained two personal storage devices, which were not encrypted, and printouts of clinical schedules, according to a patient notice posted Sept. 2 on Moffitt’s website. The information included patient names, dates of birth, medical record numbers and some information about what kind of medical treatment those patients received at Moffitt.

Moffitt says patients social security numbers and financial information were not affected.

The information stolen involves certain patients who received care through the Blood and Marrow Transplant Department.

In an abundance of caution, Moffitt began mailing letters Sept. 2 to affected patients, encouraging them to review all statements from their health care providers and to verify all services.


TOPICS: Crime/Corruption; Extended News; US: Florida
KEYWORDS: cancerpatients; databreach; hipaa; moffitt; tampa
Navigation: use the links below to view more comments.
first 1-2021-29 next last
Unencrypted patient info = HIPAA violation. The careless physician's name is omitted, unlike the precious, private info s/he left in a car. Occurred in early July, patients notified in September. No sense of urgency.
1 posted on 09/12/2020 4:11:55 AM PDT by NautiNurse
[ Post Reply | Private Reply | View Replies]

To: NautiNurse

Neither here nor there, but interesting nonetheless. I was setting up an appointment with a skin doctor to do a cancer screening and other issues. While I was on the phone with the nurse I got a text notification. It was from a lawyer and said that if I had been diagnosed with skin cancer to call this number. This is not the first time I have mentioned something on the phone and suddenly been inundated with ads for that thing.


2 posted on 09/12/2020 4:22:42 AM PDT by Gen.Blather (Wait! I said that out loud?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NautiNurse
Here's another one, from PA and Upstate NY...

Guthrie patients possibly affected by Blackbaud data breach

3 posted on 09/12/2020 4:29:50 AM PDT by mewzilla (Break out the mustard seeds.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gen.Blather
Did you do an internet search for skin cancer and/or doctor? We have repeatedly noticed internet searches are quickly followed by same-topic and/or same-company television and internet advertisements.

Creepy.

4 posted on 09/12/2020 4:43:18 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: mewzilla

One similarity—companies with data breaches all wait many months before notifying those affected.


5 posted on 09/12/2020 4:48:12 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: NautiNurse

I’m wondering if this an organized and effort and more medical providers have either been hit or targeted...


6 posted on 09/12/2020 4:53:22 AM PDT by mewzilla (Break out the mustard seeds.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: NautiNurse
Well, whatdya know. Here's another one...

Nuvance Health announces third-party data breach

And check this one out. Constituent data?!

MUSC impacted by Blackbaud data breach

Just checked since the enemdiot couldn't be bothered to tell readser: MUSC is Medical Univerdity if South Carolina. Constituent data?! Anyway, that's another one.

7 posted on 09/12/2020 4:58:57 AM PDT by mewzilla (Break out the mustard seeds.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: mewzilla

Pardon my spelling errors.


8 posted on 09/12/2020 4:59:40 AM PDT by mewzilla (Break out the mustard seeds.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: mewzilla

Just did a search for the keywords data, breach, patient.

Holy cow. Yup, there has been a lot of them recently.


9 posted on 09/12/2020 5:01:23 AM PDT by mewzilla (Break out the mustard seeds.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: NautiNurse

They have 90 days to publicly disclose but only 72 hours to report to law enforcement. This stuff happens all the time in healthcare.


10 posted on 09/12/2020 5:06:48 AM PDT by rarestia (Repeal the 17th Amendment and ratify Article the First to give the power back to the people!)
[ Post Reply | Private Reply | To 5 | View Replies]

To: NautiNurse

I was on the phone with the nurse. I said, “diagnosed...skin cancer “. Moments later got lawyers ad with sane words.


11 posted on 09/12/2020 5:18:42 AM PDT by Gen.Blather (Wait! I said that out loud?)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Gen.Blather

Are you saying you did not search for skin cancer and/or the physician on the internet before contacting the provider?


12 posted on 09/12/2020 5:51:53 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: rarestia

At this point in the 21st century, nobody should be transporting unsecured patient health data. Particularly electronic storage in a car in sweltering Florida in the summer. Too many stupid details to count.


13 posted on 09/12/2020 5:55:50 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: NautiNurse

That is correct.


14 posted on 09/12/2020 6:08:24 AM PDT by Gen.Blather (Wait! I said that out loud?)
[ Post Reply | Private Reply | To 12 | View Replies]

To: NautiNurse

Received mail dated 2 Sept 2020 from my local hospital where I’ve spent too much time this past decade.

“...we recently learned that we are one of the more than 200 organizations impacted by a dat breach at Blackbaud, Inc, a third party software company used for our fund raising records...Blackbaud recently informed us that they discovered and stopped a ransomware attack in May.” (The attacker was able to remove a back up file)

Gee, thanks guys for informing in third quarter of second quarter of cyber ransom/data breach. Johnny on the spot!

There’s this nagging feeling that maybe a company called BlackBaud might not be up to snuff...but that’s just me.


15 posted on 09/12/2020 6:13:17 AM PDT by Covenantor (We are ruled...by liars who refuse them news, and by fools who can not govern. " Chesterton)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NautiNurse

The doctor is too stupid to be trusted with patient care.


16 posted on 09/12/2020 6:15:05 AM PDT by PAR35
[ Post Reply | Private Reply | To 1 | View Replies]

To: NautiNurse

I doubt anyone would disagree with you, but despite all of the “paperwork reduction” garbage of the last 20 years, patient charts are still stored on paper in many places. Healthcare workers are some of the most notorious for working around IT security policies, and most healthcare IT shops let it slide; because doctors are the income generators for healthcare organizations, and if they’re inconvenience, they’re often the squeakiest wheels. You just simply don’t tell a doctor “no” without reaping a shitstorm.


17 posted on 09/12/2020 6:34:58 AM PDT by rarestia (Repeal the 17th Amendment and ratify Article the First to give the power back to the people!)
[ Post Reply | Private Reply | To 13 | View Replies]

To: rarestia

Shielding the physician name from public notification supports the failure to protect personal patient info. A HIPAA fine would be appropriate here too. Public shame and pocketbook hit from outside the facility would have more influence. The minimum HIPAA fine is $100 per violation, up to $25,000.


18 posted on 09/12/2020 6:48:40 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: PAR35
The doctor is too stupid to be trusted with patient care.

At the very least, careless. Who wants a careless doctor?

19 posted on 09/12/2020 6:49:56 AM PDT by NautiNurse (Put $5000 cash in an envelope. Mail it to yourself. If this makes you queasy, vote at the polls.)
[ Post Reply | Private Reply | To 16 | View Replies]

To: NautiNurse

Actually, upon reflection, probably arrogant rather than stupid. Rules are for peons. He’s to important to be bound by the rules. He SAVES LIVES. (Except for when he doesn’t).

A fine 3x the new price of his car and 6 months cleaning bed pans and mopping hospital floors might be the appropriate response.


20 posted on 09/12/2020 6:56:24 AM PDT by PAR35
[ Post Reply | Private Reply | To 19 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-29 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson