Jeff D. Gorman reports: A woman who wrongly accused a clinic employee of revealing her pregnancy in breach of medical confidentiality committed defamation, the Alaska Supreme Court ruled. Karen Greene complained that Beverly Tinker improperly gained access to Greene’s medical file at the Pilot Station Health Clinic in 2007. Though Tinker said she merely looked…
Month: August 2014
Is your firm violating the Data Protection Act or begging for a hack of its Twitter account? (updated)
ThreeUK, who claim to have a 45% share of all mobile traffic in the UK, has a social media presence on Facebook and Twitter. They also have a dangerous practice of requesting customers provide personal details such as full name, phone number, postcode, and date of birth via direct messages (DM) to their support team, e.g.,…
FTC Settlement Requires Fandango and Credit Karma to Establish Comprehensive Security Programs to Protect Consumers’ Sensitive Personal Information
Meena Harris writes: The Federal Trade Commission (“FTC”) has approved final orders settling charges against Fandango and Credit Karma that the companies misrepresented the security of their mobile apps and failed to protect the transmission of consumers’ sensitive personal information. The FTC specifically alleged that, although the companies made security promises to consumers that their…
Snooping staff still top security issue
Erin McCann reports: When it comes to data breaches, hacking and loss or theft of unencrypted devices are far from healthcare security professionals’ only concerns. Employee snooping and insider misuse also prove to be among the biggest privacy threats in the healthcare sector today. Read more on HealthcareITNews, where Erin mentions some recent cases,…
CHS Hacked via Heartbleed Vulnerability
From TrustedSec: As many of you may have already been aware, a breach at Community Health Systems (CHS) affecting an estimated 4.5 million patients was recently revealed. TrustedSec obtained the first details on how the breach occured and new information relating to this breach. The initial attack vector was through the infamous OpenSSL “heartbleed” vulnerability…
Supervalu lawsuit: Hackers may have stolen credit card info from local Shop ‘n Save customers
Daniel Kelly reports: A class-action lawsuit alleges a national chain of grocery stores, which includes several local Shop ‘n Save stores, failed to protect its customers from hackers who may have stolen their financial information. Representatives of Supervalu, the parent company of Shop ‘n Save, have said they do not know of any customers affected…