BBC reports: An investigation is under way into how “sensitive” information belonging to Essex County Council ended up in a disused building. The security breach was one of three “recent” episodes at the Conservative-run council. The Information Commissioner’s Office has confirmed it is investigating the breaches. According to BBC, two of the breaches were “committed…
Month: October 2012
Korn/Ferry’s frustratingly vague breach disclosure (update2)
File this under “How NOT to issue a press release.” Korn/Ferry reportedly issued some statement that they were the victim of a criminal attack. They note that the databases typically do not hold credit cards, Social Security numbers or health information, but they fail to indicate what types of personally identifiable information may have been…
Failure to shred: radiology service notifies patients of potential breach (update1)
KOLR10/KOZL News reports: A Springfield medical group that provides radiology services to CoxHealth is telling its patients to watch their personal information. Litton and Giddings Radiological Associates, P.C. (LGRA) says its janitorial service inadvertently sent patient paper billing records to a Springfield recycling company without first shredding the documents. The incident involved a business associate’s…
CMS response to data breaches and medical identity theft – OIG report
The Centers for Medicare & Medicaid Services (CMS) maintains the protected health information of millions of Medicare beneficiaries. If CMS has a security breach, they’re obligated to report it just like other HITECH-covered entities. But when HHS’s Office of the Inspector General (OIG) looked at whether CMS was complying with the requirements, they found deficiencies: CMS reported…
UK: Private sector leads the way on data protection compliance but ‘room for improvement’ elsewhere (update1)
The Information Commissioner’s Office issued a press release today on the results of its voluntary audit program: A series of reports published by the Information Commissioner’s Office (ICO) today has highlighted the positive approaches many private sector companies are adopting to look after people’s data. However concerns remain about data protection compliance within the local…
President's bioethics panel urges new privacy protection to ensure benefits from DNA decoding
Lauran Neergaard of Associated Press reports: It sounds like a scene from a TV show: Someone sends a discarded coffee cup to a laboratory where the unwitting drinker’s DNA is decoded, predicting what diseases lurk in his or her future. A presidential commission found that’s legally possible in about half the states — and says…