Jo Best reports: The government has finally released the long-awaited NHS Information Strategy. The document, initially set for release last year, was launched on Monday and paves the way for the anonymisation and reuse of patient data. “Our electronic care records [are] becoming a core source of all professional information. These records are a rich…
Author: Dissent
WHMCS victim of social engineering; over 500,000 client records stolen, deleted from server, and dumped publicly
Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…
A UCLA Health System audit report with limited patient info posted online
Sometimes we find out about breaches from student publications. Daily Bruin reporter Kylie Reynolds writes: A UCLA Health System audit report containing private patient information was posted online earlier this month, though it remains unclear how many people were affected, according to a letter from a health system official obtained by the Daily Bruin. The…
California Considers DNA Privacy Law
Helen Shen and Nature magazine report: California lawmakers are weighing a bill aimed at protecting their state’s citizens from surreptitious genetic testing but scientists are voicing their growing concerns that, if passed, such a law would have a costly and damaging effect on research. The bill, dubbed the Genetic Information Privacy Act, would require an individual’s written consent for…
UK: London NHS Trust fined £90,000 for serious data breach (updated)
Central London Community Healthcare (CLCH) NHS Trust has been fined £90,000 following a serious breach of the Data Protection Act (DPA), the Information Commissioner’s Office (ICO) announced today. The breach first occurred in March last year, after patient lists from the Pembridge Palliative Care Unit, intended for St John’s Hospice, were faxed to the wrong recipient. The…
A breach avoided
It seems there was a near-miss at a VA hospital in Maine last month. But an alert housekeeping employee noticed that patient records had been thrown in a dumpster, notified the right person, and everything was recovered with no public exposure. Mistakes happen. Creating a culture where all employees know about privacy protection and what…