Madison Underwood reports that hundreds of records containing minor’s sensitive information – names, birthdates, phone numbers and more – were publically available online at a website operated by Birmingham City Schools. Read more on AL.com. Would this be a good time to remind everyone that Alabama is one of only a few states that does not…
Month: November 2014
Is HHS still dealing with ADP breach from 2012?
I have to confess I was somewhat surprised to see that HHS’s public breach tool is still adding affected entities to the Advanced Data Processing incident. Whether HHS is just getting around to adding them or whether the entities are first discovering and/or reporting that their patients were involved is not known to me. Readers may…
Updated details on the Penn Highlands Brookville hacking incident
Last month, Penn Highlands Brookville in Pennsylvania disclosed a breach affecting patients of Dr. Barry Snyder. The breach did not affect Dr. Snyder or PHB directly, but rather, it appeared that the firm hosting his patient records may have been compromised. At the time, PHB did not name the third-party vendor. Nor did they indicate how many patients were…
NY: Mount Sinai Beth Israel Hospital reports stolen laptop
One of the incidents added to HHS’s public breach tool this week involves a personal laptop stolen from a Mount Sinai Beth Israel Hospital employee. The incident reminds of us the risks of BYOD when the data are not encrypted. I was able to locate a copy of the hospital’s press release on the incident:…
If you don't respond to notifications of a leak, the problem doesn't go away – it gets worse
On September 3, SLC alleged that WakeMed was leaking patient information: Type: PII Area: Healthcare First Noted: 3 September 2014 Location: NC Total Records: 5000+ Status: Not Monitoring for Follow Up (Not a client) SLC Security Services LLC has noted that this medical establishment has failed to secure patient records. Observed were patient name and date of birth as well as specific…
FL: Defendant Convicted In Identity Theft Tax Fraud Scheme Involving Medical Patients’ Personal Identifying Information
Kenol Augustin, 36, of Miami, was convicted by a federal jury of one count of conspiracy to commit access device fraud, in violation of Title 18, United States Code, Section 1029(b). Sentencing is scheduled for January 15, 2015. At sentencing, Augustin faces up to five years in prison. According to court documents and evidence presented…