Boston Scientific Corporation purchases statewide personal hospital discharge data from at least CA FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

Apria had a data breach in 2012, in Arizona. An employees laptop was stolen from a locked vehicle in June. It contained billing information about Apria patients in California, Arizona, New Mexico, and Nevada. Patient names, Social Security numbers, dates of birth, and other personal or health information may have been exposed.UPDATE(09/29/2012): The laptop was stolen on June 14 and was password-protected. Current and past patients were affected.UPDATE(04/03/2013): Billing information for 65,700 patients was stored on the laptop. (65,700 records involved) [source].

Hanger Prosthetics & Orthotics purchases statewide personal hospital discharge data from at least CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

CardioNet, Inc. had a data breach in 2012, in Pennsylvania. The theft of a laptop on or around November 10, 2011 may have resulted in the exposure of protected health information. It is unclear if this incident is related to a December 29, 2011 incident that also resulted in the theft of a laptop that contained protected health information. [source].

Healthgnostics Inc. purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

CardioNet, Inc. had a data breach in 2012, in Pennsylvania. The December 29, 2011 theft of a laptop may have resulted in the exposure of protected health information. It is unclear if this incident is related to a November 10, 2011 theft of a laptop that contained protected health information. [source].

Medtronic Inc purchases statewide personal hospital discharge data from at least WA CA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

DJO, Empi Recovery Services had a data breach in 2008, in Minnesota. A laptop was stolen from an employees car in Minneapolis. The laptop contained the names, addresses, account balances, insurance company, and Social Security numbers of patients. (68,857 records involved) [source].

Plastic and Hand Surgical Associates purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

Ebony Medical Equipment and Supplies, Inc. had a data breach in 2010, in Texas. The owner used patient medical information to fraudulently obtain over $70,000 from Medicare and Medicaid. The owner is also charged with buying patient information. [source].

Westcoast Brace & Limb purchases statewide personal hospital discharge data from at least FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

EZ Step had a data breach in 2012, in California. The owner of EZ Step and an employee were both charged with conspiracy to commit health care fraud. They were also charged on multiple counts of health care fraud. The charges come from allegations that the two people sought reimbursement by forging physician signatures, fabricating prescriptions and equipment orders, forging patient signatures on delivery forms to misrepresent prescription medication and durable equipment deliveries, and altering valid prescriptions between 2005 and 2007. Arrests were first made in July of 2011. [source].

Zimmer, Inc purchases statewide personal hospital discharge data from at least NY [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

HyCentral Medical Supplies and Equipment had a data breach in 2010, in New Hampshire. The owner of the business used Medicare client information to obtain approximately $1.6 million worth of fraudulent claims. [source].

Kaiser Permanente Northern California had a data breach in 2016, in California. A laptop was stolen containing names, phone numbers, and the Kaiser number for each HMO member. The data file did not include SSNs. The data was being used to market Hearing Aid Services to Health Plan members. [source]

Medical Solutions Management, Inc. had a data breach in 2012, in New York. The information was breached via Network Server. [source]

Pamlico Medical Equipment, LLC (Now Vidant Internal Medicine) had a data breach in 2012, in North Carolina. A flash drive was lost during transit on or around May 16. Patient names, Social Security numbers, Medicaid numbers, insurance carrier contact information, medical equipment being provided by Pamlico Medical Equipment, service date, price of the equipment rental, and other miscellaneous billing information may have been on the flash drive. The flash drive is believed to have been place with compacted trash that was transported to a landfill. [source]