Deanna Garcia reports: UPMC is alerting nearly 1,300 people treated at various UPMC locations over the past year that their records were viewed inappropriately. The now former employee at UPMC McKeesport was not involved in the care of the patients and therefore should not have been looking at their information. “Another employee called it to…
Month: November 2013
Maricopa Community Colleges notifies 2.5M after data security breach (update 6)
Tim Gallen and Mike Sunnucks report: The Maricopa County Community College District is notifying nearly 2.5 million students, former students, vendors and employees because their personal information may have been exposed in a security breach. The Tempe-based college district announced today that it is contacting 2.49 million students, employees and suppliers that their information may…
Payment Card Industry Security Standards Council Issues Updates to Data Security Standard
Earlier this month, the Payment Card Industry Security Standards Council (PCI SSC) released Version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS), which includes several enhanced security requirements that will affect how businesses protect payment card data in their systems. The updated standard calls upon businesses to take a more active role in…
Recent California Decision Upholds Data Breach Coverage
Understanding what your insurance will cover when it comes to a data breach and what it won’t can save you a lot of grief down the road. Roberta D. Anderson of K&L Gates analyzes a recent case where the court concluded that a breached entity was covered under the terms of their policy’s language, but…
AU: Medical examinations used to access your private information
Leanne Nicholson reports: Private information of thousands of Australian jobseekers harvested through medical examinations and stored for profit has raised legal and applicant concerns about the protection and use of personal data. Australia’s largest publicly-listed health and risk management provider, Konekt, has collected the personal data of jobseekers since 2007 through medical examinations on behalf…
UK: An undertaking serves as a reminder that all employees need to be trained on data protection
The Information Commissioner’s Office (ICO) notes that an Undertaking has been signed by the Royal Borough of Windsor & Maidenhead, following an incident in which restricted information about 257 employees was disclosed on its intranet in error. The incident occurred in January of 2013 when a spreadsheet with details on employees who had not signed…