Lance Griffin has an update to another long-running data breach lawsuit: A federal judge has granted class action status to a civil lawsuit involving the theft of personal information at Flowers Hospital, believed to have occurred in 2013. The decision, if ultimately approved, means people who believe they have been adversely affected as a result…
Month: March 2017
UNC Health Care notifies 1,300 prenatal patients of potential breach
Abbie Bennett reports: UNC Health Care is alerting its prenatal patients that their confidential medical information may have been shared with their home county, including Social Security numbers, sexually-transmitted disease information and more. Women seen for prenatal appointments at two UNC Health Care obstetric clinics between 2014 and 2017 may have filled out a form…
New Mexico passes data breach notification and protection bill
Erich Falke writes: Then there were two. On March 16, 2017, the New Mexico state legislature passed a bill requiring that New Mexico residents be notified if their “personal identifying information” was affected by a breach of electronic data. Upon signature of the bill, New Mexico will join 47 other states requiring such notification, and the only…
Protenus releases February health data breach statistics
So what kind of month was February for breaches in the healthcare sector? Protenus has released its February Breach Barometer based on incidents compiled by this site. As a reminder: their analyses do not rely solely on HHS’s public breach tool. As in past months, insider incidents – whether accidental or intentional wrongdoing – comprised…
Saks Fifth Avenue Exposed Personal Info On Tens Of Thousands Of Customers
Leticia Miranda reports: The personal information of tens of thousands of customers of Saks Fifth Avenue has been publicly available in plain text online, BuzzFeed News has learned. The online shopping site for the brand is maintained by the digital division of its owner, the Canada-based Hudson’s Bay Company. Until recently, unencrypted, publicly accessible web…
DA launches criminal probe into St. Charles breach
The St. Charles Health System may think they’ve met all their obligations in their handling of an insider snooping incident, but Deschutes County District Attorney John Hummel says the matter should have been reported to them for criminal investigation. Now that’s interesting to think about. If a covered entity is convinced that an employee snooped…