I have been following this case from the beginning and wondering why the heck HHS didn’t come down on Walgreens like they did on their competitors CVS and RiteAid. And now we learn that OCR just closed the case with no penalty? Seriously? So CVS and RiteAid get clobbered by both the FTC and HHS/OCR, and Walgreens…….
Month: August 2016
Personal information for hundreds of people found along CLE roadside
NewsNet5 in Cleveland reports: The City of Cleveland is trying to determine who dumped the personal information of hundreds of northeast Ohio residents along the roadside on Train Avenue. The personal information was strewn along a mile stretch of roadway, at five different dumping sites, and included; tax returns, mortgage information, canceled checks, addresses, social…
UK: Domestic abuse privacy breach: Greater Manchester Police pays victim
BBC reports: A domestic abuse victim has received £75,000 from a police force after it revealed details of her treatment by a former boyfriend without her consent. The unnamed woman had agreed Greater Manchester Police (GMP) could refer to her experience in a training session providing she remained anonymous. However, she later learned her identity…
NL: Personal data of 3700 Ede residents leaked through municipal site
Janene Pieters reports: The personal information of about 3,700 Ede residents were accessed by unauthorized persons due to a security vulnerability on the municipal site, a spokesperson for the municipality confirmed to NU.nl. The unauthorized persons had access to a database that is linked to a contact form. Residents could submit a question or asked to be…
Hold On, You Didn’t Overpay for That: Courts Address New “Overpayment” Theory from Plaintiffs in Data Breach Cases
Andrew C. Glass, David D. Christensen and Matthew N. Lowe of K&L Gates write: With the ever-increasing amount of personal information stored online, it is unsurprising that data breach litigation has become increasingly common. A critical issue in nearly all data breach litigation is whether a plaintiff has standing to pursue claims—especially where there is…
UK: Medical data leak: Doctors hit with £40,000 fine from UK watchdog
Jennifer Baker reports: A doctor’s surgery in Hertfordshire has been fined £40,000 by the UK’s privacy watchdog for giving out personal medical information in breach of data law. Regal Chambers gave information about a woman and her family to her estranged ex-partner, despite staff at the practice being warned that this might happen. Read more on…