theDataMap

Documenting all the places
personal data goes.

healthDataMap


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.


Manufacturers of medical equipment and personal medical devices often requires information about the patient to be forwarded to the company from healthcare providers, analytic companies, and you, the patient.

Examples

Boston Scientific Corporation purchases statewide personal hospital discharge data from at least CA FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Apria had a data breach in 2012, in Arizona. An employees laptop was stolen from a locked vehicle in June. It contained billing information about Apria patients in California, Arizona, New Mexico, and Nevada. Patient names, Social Security numbers, dates of birth, and other personal or health information may have been exposed.UPDATE(09/29/2012): The laptop was stolen on June 14 and was password-protected. Current and past patients were affected.UPDATE(04/03/2013): Billing information for 65,700 patients was stored on the laptop. (65,700 records involved) [source].

  

Hanger Prosthetics & Orthotics purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

CardioNet, Inc. had a data breach in 2012, in Pennsylvania. The theft of a laptop on or around November 10, 2011 may have resulted in the exposure of protected health information. It is unclear if this incident is related to a December 29, 2011 incident that also resulted in the theft of a laptop that contained protected health information. [source].

  

Healthgnostics Inc. purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

CardioNet, Inc. had a data breach in 2012, in Pennsylvania. The December 29, 2011 theft of a laptop may have resulted in the exposure of protected health information. It is unclear if this incident is related to a November 10, 2011 theft of a laptop that contained protected health information. [source].

  

Medtronic Inc purchases statewide personal hospital discharge data from at least WA CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

DJO, Empi Recovery Services had a data breach in 2008, in Minnesota. A laptop was stolen from an employees car in Minneapolis. The laptop contained the names, addresses, account balances, insurance company, and Social Security numbers of patients. (68,857 records involved) [source].

  

Plastic and Hand Surgical Associates purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Ebony Medical Equipment and Supplies, Inc. had a data breach in 2010, in Texas. The owner used patient medical information to fraudulently obtain over $70,000 from Medicare and Medicaid. The owner is also charged with buying patient information. [source].

  

Westcoast Brace & Limb purchases statewide personal hospital discharge data from at least FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

EZ Step had a data breach in 2012, in California. The owner of EZ Step and an employee were both charged with conspiracy to commit health care fraud. They were also charged on multiple counts of health care fraud. The charges come from allegations that the two people sought reimbursement by forging physician signatures, fabricating prescriptions and equipment orders, forging patient signatures on delivery forms to misrepresent prescription medication and durable equipment deliveries, and altering valid prescriptions between 2005 and 2007. Arrests were first made in July of 2011. [source].

  

Zimmer, Inc purchases statewide personal hospital discharge data from at least NY [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

HyCentral Medical Supplies and Equipment had a data breach in 2010, in New Hampshire. The owner of the business used Medicare client information to obtain approximately $1.6 million worth of fraudulent claims. [source].

  
  

(return to health DataMap)



Copyright © 2012-2016 President and Fellows Harvard University.