Jonathan Perlow reports: New York state is collecting confidential information on mental health patients to create a database of people it deems unfit to carry a firearm, according to a federal class action. Lead plaintiff Donald Montgomery claims the state created a reporting system, as part of the New York Secure Ammunition and Firearms Enforcement…
Month: December 2014
Medical Records Lessons from the Sony Breach
Ben DiPietro reports: Sony Pictures Entertainment could be penalized by regulators for the data breach that resulted in private health information of its employees becoming public, and could be socked with lawsuits as well. It remains to be seen which regulators might target the company, or which rules it might be accused of violating, but regardless of who…
Meet Anunak – The Hacker Crew That Owned Staples And Earned $18m In 2014
Thomas Fox-Brewster reports: In November this year, dignitaries and bigwigs of the cyber security industry gathered inside Europol’s headquarters in The Hague. As they talked about general issues affecting the community, namely financially-motivated criminals, ears pricked up when one particular strain of malware, called Anunak, was said to have brought about the “armageddon” of the…
Court case places patient-physician relationship in the balance
Via Dr. Ken Pope’s mail list, this news release from the AMA: Two essential elements of medical practice—patient privacy and the patient-physician relationship—are at stake in a case before a federal appeals court that involves a state prescription drug monitoring program (PDMP) and surveillance by the U.S. Drug Enforcement Administration (DEA). The issue in question…
Incident Summary #4: Service provider inadvertently discloses email addresses of nearly 300 customers in mass email
Posted yesterday by the Office of the Privacy Commissioner of Canada: Service provider inadvertently discloses email addresses of nearly 300 customers in mass email Incident A customer of a service provider received a routine email from the service provider advising her of when her seasonal service would be reconnected. However, she noticed that the email…
VA: Security Incident Involving James Madison University Network
December 18, 2014 James Madison University is committed to protecting the confidentiality and security of the information entrusted to us. This notice contains important information regarding a recent security incident involving JMU’s network. Since October, JMU Information Technology, along with law enforcement and outside security consultants, has been investigating an incident of unauthorized access to…