Crescent Healthcare, A Wholly Owned Subsidiary of Walgreens–Security Breach With the Personal Health Records, Again Time t
Posted Feb 25 2013 1:10pm
Not too long ago Walgreens made the news that pharmacists and all involved in clinical patient treatment areas would have access to a patient’s personal health record , used via their retail clinics. I don’t know if this is the specific information relating to those data bases or not as discussed in this article as is appears that the information relates to those patients. Back in 2010 Walgreens and Omnicare swapped businesses to where Walgreens took over the home infusion business, so of course this meant some data IT work had to be done to integrate with those records owned by Omni. Omnicare has had issues in the past with whistleblower legal cases with Johnson and Johnson over the years which was pretty highly publicized.
“ Crescent Healthcare, a Walgreens company, manages and delivers integrated pharmacy and nursing solutions in alternate site settings. Accredited by the Accreditation Commission for Health Care (ACHC), we are committed to delivering exceptional quality care that is both clinically appropriate and cost effective.
Crescent Healthcare, a Walgreens company, is part of Walgreens Infusion Services, the leading provider of infusion therapies for over 30 years. “
The article states that “paper” was stolen as well and perhaps this was information that was yet to be input? The “hardware” was stolen, so we don’t know if this was a single computer or did they get away with some servers. So if one was a patient with their infusion drug areas, well it looks like that’s the information to include names, addresses dob, and clinical diagnoses that were lifted. You know Walgreens as well as so many other healthcare entities makes a ton of money selling data (like around short of $800 million in 2010, SEC Report on intangible income) and it has to be formatted and cleaned up for use with ensuring data integrity is present before it can be sold too, so one wonders what was being done with this data possibly? Was it work in progress to format data for sale? It could have been and then maybe not, but a good question to ask today with the huge epidemic of data being sold today and the surmounting flaws that keep growing at a rapid pace too.
Chances are few of those affected probably even know the potential amount of their data being sold, much less being stolen now too. It’s a tough world out there for consumers today and again breaches as such along with a federal website where consumers could look up who sells what kind of data and to who would be extremely helpful in times when breaches occur as well. Otherwise nobody knows until they get “that letter”. Right on the website the infusion drug page for Walgreens states they have experts to help you work with your insurers too. Their listed 98% satisfaction rate might drop a little after the breach, maybe?
So again when items like this happen it would make sense to have all banks, companies, etc. licensed and excise taxed on the data they sell as billions and billions of profit are made, running on servers 24/7 and you as a consumer are completely blind to the process, but that doesn’t mean it doesn’t exist. The US government needs to hire technologists to fight crime anyway. You might want to read what I said over at the weekend at the Daily Koz. This is just my opinion here and based on all that has been in the news related to making money on selling data and breaches perhaps this calls for a new focus of putting security with data ahead of making money selling data. The data selling has just gone hog wild out there and when a company has to make a decision today to expand and build a factory versus hiring a few technologists to set up data mining and selling with little or no federal regulation and the millions come in from selling it off the servers, where’s the incentive for companies to create jobs when this very profitable option is available? It’s definitely something to give some thought too as when it is used out of context, and we seeing some of this along with the good, it hurts consumers. Again we don’t know what the status was on the data stolen or where it was being directed but this is a good question we might all be asking more today from all of those banks and companies selling our data. So what would one think the thieves are going to do with the data, sell it of course, so wake up time. BD
A Walgreens healthcare company has notified patients and employees of a data breach after computer hardware and other paper records containing the personal health information and Social Security numbers of patients was stolen.
Anaheim, Calif.-based Crescent Healthcare mailed out letters to patients and employees Feb. 21, notifying them of the theft which occurred Dec. 28, 2012. According to the letter, an unknown person or persons broke into Crescent's billing center and stole the hardware, which may have contained patient names, addresses, phone numbers, Social Security numbers, health insurance data, dates of birth and clinical diagnoses. The group notified authorities three days later.