Dean Beeby reports: Canada Revenue Agency workers continue to poke into the confidential tax files of friends and foes, despite assurances to Canada’s privacy commissioner that the chronic problem of unauthorized access is being fixed. The 34 significant privacy breaches reported by the CRA to the commissioner in 2014 show all but two were deliberately…
Month: September 2015
Court denies Schnuck Markets’ motion to dismiss claims arising out of point-of-sale data breach
Ryan M. Martin of Winston & Strawn LLP writes: The U.S. District Court for the Southern District of Illinois recently denied the retail grocery chain Schnuck Markets’ motion to dismiss various claims arising from a December 2012 data breach in which hackers gained access to Schnucks’ credit/debit card processing systems. By mid-March 2013, both customers’ banks and Schnucks’…
Major Patient Privacy Breach Alleged At Palo Alto VA
Benjamin Krause writes: VA OIG just reported that Palo Alto VA Health Care System unlawfully gave patient data to a private IT company despite employees not having cleared background checks. The watchdog investigated allegations that the Palo Alto VA informatics chief entered into an illegal agreement with a health care company called Kyron. VA OIG confirmed allegations…
Ca: Data breach turns into MLA laugh-fest
Les Leyne writes: Lovely to see how the latest data-privacy breach moved from a dramatic crisis to light entertainment in the space of a week. The news that the Education Ministry had misplaced a data drive packed with sensitive information about school kids was treated like an Amber Alert when the government ’fessed up to…
Data breach lawsuit against former parent company of Flowers Hospital survives motion to dismiss
There’s a noteworthy update to a lawsuit against Triad of Alabama, the former parent company for Flowers Hospital, whose employee was convicted on both federal and state charges for stealing and trafficking in patient information for tax refund fraud. The breach and earlier developments in the lawsuit were covered on PHIprivacy.net. Today, Lance Griffin reports that the amended class…
Canadian physician facing disciplinary charges over snooping in patients’ records
There’s an update to a breach that I hadn’t read about back in June when it was first reported. The breach allegedly involves one doctor who improperly accessed two patients’ records held at Group Health Centre and Sault Area Hospital. But the allegations have some bizarre features, as SooToday reports: The hospital reported in June that an internal investigation into…