theDataMap

Documenting all the places
personal data goes.

healthDataMap


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.


Home Health organizations and workers help patients who need regular medical care live at home independently. They get health information from you/your family and your provider, and keep track of that medical data and any treatments they perform.

Examples

Faith Home Health, Inc. purchases statewide personal hospital discharge data from at least FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

A Caring Hand Home Health Care Services, Inc. had a data breach in 2012, in Virginia. A staffing manager collaborated with the owner of A Caring Hand Home Health Care Services, Inc. (A Caring Hand) to hide Medicaid fraud. Between January of 2008 and October of 2011 the owner of A Caring Hand submitted about 900 fraudulent Medicaid claims for payment for services provided to 30 Medicaid recipients. The Medicaid recipients never received those services and around $630,000 was fraudulently obtained by the owner of A Caring Hand. The staffing manager and other staff members falsified office records at A Caring Hand to cover up the fraud between September 2010 and October 6 of 2011. The staffing manager was sentenced and the owner of A Caring Hand will be sentenced in January of 2013. (30 records involved) [source].

  

Family Home Care purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Alere Home Monitoring, Inc. had a data breach in 2012, in California. The September 23 theft of an employees unencrypted laptop resulted in the exposure of information of over 100,000 patients. The laptop was stolen from the employees home. Names, Social Security numbers, addresses, and diagnosis information of patients taking drugs to prevent blood clots were exposed. Alere became aware of the breach on October 1. (100000 records involved) [source].

  

Home Care Services. Inc. purchases statewide personal hospital discharge data from at least NJ [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

American HomePatient Inc., LifeGas had a data breach in 2013, in Tennessee. A laptop was stolen or discovered stolen on October 11, 2012. The incident appeared on the HHS website in February of 2013. [source].

  

Northwest Healthcare purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Apex Laboratory had a data breach in 2012, in New York. Apex Laboratory learned from law enforcement investigators on July 30 that an unauthorized party or parties accessed their computer systems. Patients may have had their names, Social Security numbers, addresses, phone numbers, dates of birth, gender, and insurance identification numbers were exposed. [source].

  

Option Care purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

First Choice Home Health Care Services Inc., Reliance Home Care, LLC had a data breach in 2013, in Michigan. A group of co-conspirators used Medicaid information from Medicare beneficiaries in and near Detroit to defraud Medicaid and file for $24.7 million in fraudulent claims. The fraud took place between 2008 and May of 2012. Hundreds of patients had their information misused so that co-conspirators could bill Medicare for psychotherapy, home health services, and other medical services. [source].

  

Sutter Care At Home purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

HomeCall Inc. had a data breach in 2010, in Maryland. A portable point of care device was stolen from an employee. Client names, addresses, Social Security numbers, medical record numbers, diagnoses and treatment information were on the unencrypted device. [source].

  

Vitas Healthcare Corporation purchases statewide personal hospital discharge data from at least FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

King Drug & Home Care had a data breach in 2013, in Kentucky. An employee reported that a portable hard drive was missing on November 23, 2010. The device had last been seen sometime around November 19. The data on the device included information from before July 31, 2009. Client names, Social Security numbers, medical record numbers, account numbers, dates of service, race, insurance carriers and insurance numbers, addresses, phone numbers, sex, dates of birth, diagnosis information, allergies, initial referral forms, patient assessments/plans of care, physician orders and/or delivery ticket information may have been on the hard drive. (13,619 records involved) [source].

  

York Hospital Home Care purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

ManorCare Health Services had a data breach in 2010, in Maryland. Montgomery Countys Department of Health and Human Services is looking into how numerous Wheaton nursing home papers containing sensitive patient information have made their way into nearby neighbors yards over the past few months. The county sent a nursing home inspector to investigate complaints from residents in the Wheaton Regional Park Civic Association who said they have found internal documents from the nearby ManorCare Health Services that contain patient conditions, names and Social Security numbers. The inspector cited ManorCare for inappropriate conduct. [source].

  
  

(return to health DataMap)



Copyright © 2012-2016 President and Fellows Harvard University.