Dissent – Page 4148 – DataBreaches.Net

Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule

Posted on November 27, 2012 by Dissent

Yesterday, OCR released the guidance on de-identification of PHI: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/De-identification/hhs_deid_guidance.pdf Now I just need to find time to read it…

University of Arkansas for Medical Sciences warns 1,500 patients of breach

Posted on November 27, 2012 by Dissent

Gavin Lesnick reports: UAMS is notifying about 1,500 patients that a former resident doctor who was fired in 2010 improperly kept medical records containing some personal information. The hospital said in a statement that the doctor violated policy when she kept documents containing information including patient names, partial addresses, medical record numbers, dates of birth,…

CA: Cyber Hacker Steals Credit Card Numbers From EJ Phair Customers

Posted on November 27, 2012 by Dissent

Emily Henry reports: Customers of Concord’s EJ Phair Brewing Company may have noticed some unusual charges on their bank statements recently, ranging anywhere from a $700 fee at Staples in Washington state to a couple of bucks at a McDonald’s in Nevada. The cause of those unexplained charges has been discovered as the work of a sophisticated…

Documents + unattended vehicles = yes, again

Posted on November 27, 2012 by Dissent

Karen Dillon reports that mortgage loan documents from Pulaski Bank that included applicants’ tax returns and other sensitive information were stolen from an unattended vehicle in September. The documents had reportedly been stolen from a loan official’s car while it was parked at a gym. This type of breach is certainly not new… I’ve been covering…

Sourcefire laptop with employee data stolen

Posted on November 27, 2012 by Dissent

Sourcefire has had a breach that is probably a bit embarrassing for a company known for security solutions. It seems a company laptop with employees’ Social Security numbers was stolen on November 6, and according to their notification letter to the New Hampshire Attorney General’s Office, the laptop was (only?) “password-protected.” Their letter didn’t…

Follow-up on the Gulf Coast Health Care Services breach

Posted on November 26, 2012 by Dissent

Back on November 10, I noted that HHS’s breach tool had added an entry for Gulf Coast Health Care Services: Gulf Coast Health Care Services in Florida suffered a network compromise on August 17 that reportedly affected 13,000 patients. The incident was reported to HHS as “Theft, UnauthorizedAccess/Disclosure, Hacking/IT Incident”,Network Server. I commented at the…