Laptop Leaves 7,000 TX Patients at Risk; Nurse Steals Drugs from Hospice Veterans

Stay on top of physical data breaches and drug diversion risks that threaten your healthcare organization with Senseon’s Physical Security Breach Roundup. We bring you the most recent physical data breach and drug diversion announcements each month. If you want to learn more about what you can do to minimize the risk of your facility ending up on this list, we can help.

Physical Breaches

Stolen Laptop Leaves 7,000 Texas Patients at Risk

Connally Memorial Medical Center is left notifying 7,358 patients of a PHI violation after they learned of a stolen laptop on June 21. The laptop, property of a business associate, was password-protected, but not encrypted. . The laptop, property of a business associate, was password-protected, but not encrypted. 

Patient data included names, dates of birth, gender and ethnicity, and some patients also had their diagnosis and transfer information exposed.

Breach leads to $7.5 Million Class Action Settlement

UCLA Health is left to settle a $7.5 million class-action suit. 

Patients brought the suit in response to the health system discovering suspicious activity on its network in 2014. About 4.5 million patients were affected by the breach but HHS OCR determined that the health system had followed appropriate protocol and post-breach efforts to beef up security. 

Still, patients weren’t satisfied and filed the class-action suit with the argument that UCLA didn’t notify them in a timely manner, had breached a contract, and were negligent in failing to protect patient privacy.

HIPAA Penalties Increasing with Time

It appears that the severity of HIPAA penalties is increasing as the act ages. 

In 2018, HHS OCR settled 10 cases around HIPAA violations with a total of $28.7 million in payments allotted. That number is higher than 2016’s total by 22%. That number includes the record-breaking, $16 million Anthem Inc. settlement which tripled the previous highest settlement amount.

Drug Diversion

Nurse Accused of Stealing Morphine from Hospice Veterans

Kathleen Noftle is facing federal charges after allegedly using sink water to dilute morphine intended for sick veterans. It’s claimed she did so to inject the leftover drugs herself. An investigation revealed that one veteran suffered needlessly at the end of his life as a result of her actions. 

Noftle was a nurse in the hospice unit at a Veterans Medical Center in Bedford, MA. She has been arrested and charged with one count of tampering with a consumer product and obtaining a controlled substance by misrepresentation, fraud, deception, and subterfuge.

Tennessee Medical Assistant Foud Guilty of Drug Theft

Paula Hutcherson has been indicted on 13 counts of prescription drug theft and five counts of identity theft after an investigation revealed that she used her access as a medical assistant to fraudulently obtain prescription drugs. 

Iowa Nurse Uses Toilet Water to Pass Test That Eventually Uncovered Her Drug Diversion

Lacey Staveley was sentenced to over a year in prison for diverting pain medication from nursing home patients. She was also accused of stealing medication from a relative suffering from multiple sclerosis after she pleaded guilty. 

Staveley allegedly took hydrocodone intended for two chronic pain patients while employed at Cedar Falls Health Care.  She then allegedly destroyed medication logs and replaced them with fakes. She dodged a drug test by using toilet water, but a second test came up positive for opiates, meth, and marijuana. Staveley was ordered to pay $557 in restitution to one victim.

Want to dig deeper? Learn how RFID technology is used to restrict access to lethal drugs.