From the Information Commissioner’s Office: An undertaking to comply with the first, third and seventh data protection principles has been signed by South Western Ambulance Service NHS Trust. This includes the completion of a Privacy Impact Assessment in respect of data sharing. This follows an investigation whereby patient data related to 45, 431 data subjects…
Month: October 2014
Podiatrist charged with health care fraud and identity theft
Westmoreland Times reports: Aileen Gong, D.P.M., 55 years of age, of King of Prussia, Pennsylvania, was charged by indictment with health care fraud, wire fraud, and aggravated identity theft, according to an announcement by United States Attorney Zane David Memeger. The indictment charges that between 2009 and February 2014, Gong, a podiatrist, submitted at least…
Prescription Database Privacy Case Heads For Legal Showdown
Alison Diana reports: To combat “doctor shopping,” “pill mills,” and addiction to medications such as pain and anti-anxiety pills, many states have created databases that track the doctors who prescribe and patients who take these medications. Used by pharmacies and practices to ensure consumers aren’t seeing multiple physicians to get controlled substances, these databases also…
Working Paper: Data Breaches in Europe: Reported Breaches of Compromised Personal Records in Europe, 2005‐2014
Frederik Borgesius made me aware of this paper of note: Data Breaches in Europe: Reported Breaches of Compromised Personal Records in Europe, 2005‐2014 Philip N. Howard CMDS Working Paper 2014.1 Center for Media, Data and Society School of Public Policy Central European University October, 2014 From the Executive Summary, the major findings over the past…
Ca: AHS contacting nearly 250 patients after privacy breached
Reid Southwick reports: Alberta’s health authority is apologizing for a major privacy breach after a staffer at Alberta Children’s Hospital inappropriately accessed nearly 250 patient files over a 14-year period. Alberta Health Services noticed the breach during audits of two patient databases, finding the same staff member had accessed personal information of hundreds of patients,…
Huge Data Leak at Largest U.S. Bond Insurer
Brian Krebs writes: On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to…