Tag: HIPPA

Posted on

Data Breach at Valley Raises Serious Concerns

valley_hospital_theridgewoodblog

May 26,2015
the staff of the Ridgewood blog

Ridgewood NJ, According to the Record updated article ..Last updated: Friday, May 22, 2015, 3:49 PM
“On Friday, hospital officials stressed that their internal records were safe; only the personal information that had been given to the outside billing company by the physician groups who staff their ERs had been compromised. The hospitals were not responsible for hiring the outside billing company.”

So Valley states that their records are safe but your personal billing and credit information was compromised.

Acording to the US Depatment of Health and Human services ; The Office for Civil Rights enforces the HIPAA Privacy Rule, ( The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security and Breach Notification Rules )
which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; the HIPAA Breach Notification Rule, which requires covered entities and business associates to provide notification following a breach of unsecured protected health information; and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.

So were these third parties in HIPPA compliance and was it HIPPA compliant to share the patient info to begin with?

“All of those were who affected have been notified, said Valley spokeswoman Maureen Curran Kleinman.”

“If you got a letter, Valley recommends that you follow the instructions in the letter – secure your free credit protection,’’ she said. “If you didn’t get a letter, you are not at risk.’’

Article also says “Officials at Holy Name and Englewood Hospital said 1,500 patients at each of their hospitals received warning letters from Medical Management about the breach. ..”Valley, which treats about 73,000 patients in its ER each year, did not provide a number.’”

So the question remains , DID Valley send notice letters of this breach or NOT?? to affected patients in its ER from Feb 2013 to Mar 2015?? Haven’t received any notice, and we’ve used Valley ER 4 times during 2013 to 2014. Dose the breach extend to ALL of Valley Health Care Systems??

One attorney Joseph R. Santoli, Esq contacted us and said he is  handling the data breach case from my Ridgewood law office. 201-926-9200 .