Home Health Agency Tight-Lipped About Breach

Caledonia Home Health Care & Hospice in St. Johnsbury, Vt., is giving little information to patients or the media about a breach of protected health information.


Caledonia Home Health Care & Hospice in St. Johnsbury, Vt., is giving little information to patients or the media about a breach of protected health information.

The organization has sent notifications to patients that a nurse’s Netbook computer was stolen from her home on July 20 and has not been recovered. The computer included a home health program called Palmwyse that contained protected information including Social Security numbers, but the company is not disclosing other compromised information or the number of affected patients. It will have to disclose more details to the HHS Office for Civil Rights. The notification letter does not include an offer of paid credit and/or identity theft protection services.

“The Netbook was password protected, as was the Palmwyse program,” according to the notification letter, first reported by PHIprivacy.net. “While we think it is unlikely the information could be accessed without the dual password process, it is not impossible. Below is a check list of suggestions on how you can best protect yourself from potential misuse of your personal information.”

The letter than walked patients through reviewing financial account statements during the next one or two years, monitoring credit reports, placing fraud alerts and a security freeze on credit reports, and filing reports of identity theft if suspicious activity occurs. The compliance officer for parent company Northern Counties Health Care told Health Data Management the decision was made not to talk to the media.

More for you

Loading data for hdm_tax_topic #reducing-cost...