Tom Bolton reports that Cottage Health, which suffered a HIPAA breach in 2013 due to a vendor error (by InSync) that exposed over 50,000 patients‘ information, has suffered another exposure breach: Cottage Health’s efforts to protect the confidentiality of hospital patient records suffered a setback earlier this fall when one of its computer servers was found to be…
Month: December 2015
House committee OKs bill to counter stolen credit card forums
Cory Bennett reports: The House Judiciary Committee on Wednesday approved a bill aimed at cracking down on the cyber thieves who profit from stolen credit card information. The Cybercrime Anti-Resale Deterrent and Extraterritoriality Revision (CARDER) Act would give law enforcement more tools to go after foreign criminals who sell credit card data stolen from Americans…
Chinese government has arrested hackers it says breached OPM database
If I knew emojis, I’d include one for “highly skeptical” to accompany this story. Ellen Nakashima reports: The Chinese government recently arrested a handful of hackers it says were connected to the breach of Office of Personnel Management’s database earlier this year, a mammoth break-in that exposed the records of more than 22 million current…
Target in $39.4 mln settlement with banks over data breach
Reuters reports: Target Corp has agreed to pay $39.4 million to resolve claims by banks that said they lost money because of the retailer’s late 2013 data breach. The preliminary settlement was filed on Wednesday with the federal court in St. Paul, Minnesota, and requires court approval. It resolves claims by banks seeking to hold…
University of Rochester Medical Center settles NYS Attorney General charges stemming from HIPAA breach
Back in May, I noted that University of Rochester Medical Center was notifying 3,000 patients because a departing employee had taken patient information with her for her new employer to use to recruit patients. Now NYS Attorney General Schneiderman has announced a settlement with URMC over the HIPAA breach. The settlement requires the center to pay a $15,000…
State law claims in Anthem breach tossed because ERISA pre-empts
And yet another blow to would-be plaintiffs in data breach litigation: you can’t raise claims under state law if ERISA applies and covers all the claims. Joe Lustig reports: For the second time this year, the U.S. District Court for the Northern District of California has ruled that state law claims arising from Anthem’s February data…