Jeremy Kirk reports: Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode. In a paper titled “I Know Why You Went to the Clinic,” researchers show that by observing encrypted Web traffic and identifying patterns,…
Month: June 2014
NJ district court certifies two issues for interlocutory appeal in FTC v. Wyndham
In April, Judge Esther Salas denied Wyndham’s motion to dismiss the FTC’s complaint stemming from what the FTC alleges were unreasonable data security practices that put consumers at risk of harm. The FTC’s complaint was brought under Section 5 of the FTC Act, and Wyndham had challenged their authority to enforce data security as well as their…
Update: NY: Two plead guilty to Albany Medical Center identity theft charges
Fox23 reports: Two people, who were accused of stealing identities of multiple patients at a local hospital and opening fraudulent credit card accounts, have pleaded guilty to their charges. According to District Attorney P. David Soares, Emmett Woods, 25, and Suzette Guzman-Moore, 45, pleaded guilty to their charges this month. Read more on Fox23.
Michael Schumacher's medical files stolen – report
Last week, I planned to blog about how pleasantly surprised I was that Formula One champion Michael Schumacher’s medical records had not been leaked in the six months following his tragic accident. I guess it’s a good thing I didn’t blog about it, as Associated Press is reporting that his medical files have been stolen and…
Some comments on the Florida Information Protection Act of 2014
The Florida Information Protection Act of 2014 was approved by Governor Rick Scott on June 20. It has some commendable features (not all of which are new under Florida law), but I also spot some concerns. On a positive note: 1. It uses an access trigger instead of an acquisition trigger for notification. 2. It now…
$800,000 HIPAA settlement in medical records dumping case
From HHS, this press release today about an incident that never appeared in their public breach tool: Parkview Health System, Inc. has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule with the U.S. Department of Health and Human Services Office for Civil Rights (OCR). Parkview…