Vendor HIPAA breach puts patient data on Google

A California hospital, Mercy Medical Center Redding, is notifying patients of a HIPAA breach after their protected health information was viewable on Google and other search engines. The breach occurred when online physician progress notes were accessible through search engines due to a third-party vendor posting a link containing the notes. The compromised information included names, dates of birth, diagnoses, medications, and treatment plans. This incident is not an isolated one, as many patients’ PHI has been compromised in HIPAA breaches.