Get in front of physical data breaches and drug diversion risks that threaten your organization with Senseon’s Physical Security Breach Roundup. We bring you the most recent physical data breach and drug diversion announcements each month. If you want to learn more about what you can do to minimize the risk of your facility ending up on this list, we can help.

“Easy” Drug Theft Blamed on Poor Medication Management

Minnesota’s Department of Health is dealing with the fall out after a staff member at Benedictine Living Community in Duluth was found diverting medication from multiple clients. The state report found that the staff member stole over 200 units of hydrocodone/acetaminophen, 42 units of an anticonvulsant, and other medications. The bulk of the stolen drugs were opioids.

Interviews with the staff revealed that medications were rarely counted by staff members and access was often uncontrolled.

Business Associate Waits 5 Months to Report Laptop Theft, Violates HIPAA

Massachusetts-based Re-Solutions began notifying clients that data was potentially breached after the theft of an employee laptop. The device was reported stolen on August 23, 2018. The laptop was password protected, but it’s still unclear whether it was encrypted or whether Re-Solutions could remotely wipe the device. RSC did not notify its clients until almost 5 months after the incident — HIPAA requires covered entities and business associates to report a breach within 60 days of discovery.

Stolen Desktops=Breached Data

Oklahoma Heart Hospital patients are on high alert after their data was possibly compromised.

Four desktop computers were stolen in January resulting in the breach of 1,200 patients’ personal data. The theft happened while one building was being vacated. Leadership has revised procedures to avoid a repeat of the incident.

Nurse Anesthetist Indicted

Christopher Scott West, a Charles City nurse anesthetist, has been indicted on allegations that he diverted opioid painkillers for his own use. West has accused drug diversion, but also of choosing an additional anesthesia method for a laparoscopic surgery patient to give him access to the leftover medication. The Floyd County Medical center patient ended up suffering additional complications from the surgery and staying additional time in the hospital.

West allegedly tried to cover his tracks by cutting tamper-resistant seals of drug vials in the storage room and removing up to 88 percent of the drug before he replaced it with another liquid. He would then glue vials shut and return them to storage.

Breach at Rocky Boy Health

Patients of Rocky Boy Health Center in Montana are receiving warnings after a break-in in mid-January. The medical records office contained X-rays and dental records that dated back to the 1990s as well as PHI.

Are Healthcare’s Security Issues a Result of Underspending?

More proof is mounting up that no hospital is safe from security breaches. The 2019 HIMSS Cyber Security Survey revealed that almost 82% of information security leaders in hospitals deal with major security incidents.

Healthcare data is essentially the “holy grail of personal” data and is especially tempting to hackers. Still, spending on security in the industry lags. Here’s how healthcare stacked up in spending of total IT budget on security in 2018:

  • Healthcare: about 5 %
  • Banking and financial services: 7.3%
  • Retail and wholesale: 6.1%
  • Insurance: 5.7%

The overall average across 13 industries was 6 percent. The issue though could be one of the priorities. With painfully tight budgets, many hospitals prioritize spending on patient care over security measures.

Want to learn more about what you can do to prevent security breaches through RFID technology? Contact us today!