Ryan Murphy reports that a former University of Nebraska-Lincoln student who pleaded guilty to large security breach in 2012 affecting the University of Nebraska and the Nebraska State College System has been sentenced to prison: 23-year-old Daniel Stratman of Omaha received 6 months in prison on one count of Fraud and Related Activity in Connection…
Month: July 2014
House Oversight’s lopsided hearing on the FTC
The House Oversight Committee held a hearing this morning that was supposed to be about FTC authority under Section 5, but it wound up being more of Chairman Darrell Issa using his position as a bully pulpit to attack the FTC, Tiversa, and Democrats on the committee who would not give a potential whistleblower (a former employee…
Dismissal of Sutter Health lawsuit to be appealed
I guess I wasn’t the only one surprised by the Third District Court of Appeal’s dismissal of a lawsuit against Sutter Health for violations of California’s Confidentiality of Medical Information Act (CMIA). The justices had unanimously held that the CMIA wasn’t triggered because there was no evidence that anyone even looked at the stolen protected health information, much…
Are Patient Privacy Laws Being Misused to Protect Medical Centers?
by Charles Ornstein ProPublica, July 24, 2014, 11:30 a.m. This story was co-published with NPR’s “Shots” blog. In the name of patient privacy, a security guard at a hospital in Springfield, Missouri, threatened a mother with jail for trying to take a photograph of her own son. In the name of patient privacy , a…
FTC Commissioner calls for more data security in health apps, devices
At a Tech in Policy event sponsored by Washington, D.C. newspaper The Hill, FTC Commissioner Julie Brill made it clear that the FTC is aware of recent concerns about health app data privacy and security and is looking into new ways to police the industry. Read more on MobiHealthNews.
Extending Cybersecurity Breach Notice Requirements to Intelligence Community Contractors
David Fagan, Susan Cassidy, and Catlin Meade write: As an indicator of the continuing focus of government authorities on cybersecurity breaches and potential notification requirements, certain contractors for the federal government may soon face new rapid reporting requirements for successful network penetrations. Specifically, President Obama signed the 2014 Intelligence Authorization Act (“2014 IAA”) into law on July…