Well, I knew about the incident, but didn’t know until today that the ransomware incident involving St. Peter’s Surgery & Endoscopy Center in Albany, New York affected 135,000 patients.. Now we know.
Month: March 2018
Survey: 18% of Health Employees Would Sell Confidential Data
Those who said they were willing to sell the data would do so for as little as between $500 and $1,000. Alexandra Wilson Pecci reports: Patients trust their healthcare providers to keep their data safe, but according to a new survey, that trust might sometimes be misplaced. The Accenture survey found that nearly one in…
Regulatory Gap: Cybersecurity at K-12 Schools
Nicole Della Ragione and Leora F. Ardizzone report: While data breaches at Equifax, Yahoo, Anthem and Target have made the national news, data breaches at school districts are not as widely publicized. Schools are a treasure trove of children’s personally identifiable information (PII) (e.g., name, address, Social Security number) and protected health information (PHI), as…
Amazon Releases New Guidance on AWS and FERPA
Dian Schaffhauser reports: More than two years after issuing guidance on FERPA compliance and Amazon Web Services, Amazon has updated the whitepaper to lay out the company’s “shared responsibility model” and provide specific guidance on 24 different AWS services. The Family Educational Rights and Privacy Act, in general, calls for schools and agencies to “reasonably…
QuadMed health records system issue affected onsite clinics of three clients
One of the incidents reported to HHS this month was an incident reported by QuadMed in Wisconsin. Today, I finally found some documentation as to what that incident was all about. As background, QuadMed describes itself as providing occupational health and primary care services to some clients. In some cases, they may take over an…
Tufts Health Plan notifies 70,320 members after vendor error exposes information in envelope window
Yes, it has happened again. Protected health information exposed in an envelope window. Why do entities still use envelopes with windows? Anyway, Tufts Health Plan explains in their notification of February 16, 2018: Subject: Notice of Inadvertent Disclosure of Health Plan Information What happened? Tufts Health Plan uses a vendor to handle mailing of member…