I received a phone call from OCR this morning to discuss my FOI request for the breach reports HHS is receiving under HITECH regulations. I had requested electronic copies of the reporting forms breached entities submitted via HHS’s web site. The conversation was a bit of an eye-opener for me. First, it turns out…
Author: Dissent
PCI Vendor Offers $100K For Any Customer Breached
Evan Schuman writes: With all of the PCI shell games around, it’s nice to find one vendor offering what seems to be a legitimate PCI insurance program: Use its package and get breached, and the vendor will reimburse some of your out-of-pocket breach costs, with a $100,000 cap. The program, from a company called BHI…
UK: BT embroiled in ACS:Law porn list breach
Daniel Emery reports: BT has admitted it sent the personal details of more than 500 customers as an unsecured document to legal firm ACS:Law, following a court order. The news could put BT in breach of the Data Protection Act, which requires firms to keep customers’ data secure at all times. The e-mails emerged following…
OSU calls breaches of data minor
Encarnacion Pyle follows up on a recent student news story that Ohio State University has about 10 breaches per year with some additional details: […] Ohio State has checked into six possible cases in the past year and found four minor breaches in which the names and Social Security numbers of employees or current and former…
FL: Parents fear identity theft by Keep the Faith Ministries
Sofia Santana reports: They say they provided Social Security numbers, copies of utility bills, pay stubs and credit card information to a group called Keep the Faith Ministries. Low-income parents who claim they were swindled by the group, which promised to subsidized their child care expenses, now worry they and their children also may be…
States unable to protect citizens’ personal, health data from cyberthieves
Byron Acohido writes: This should come as no surprise. State government agencies aren’t devoting nearly enough resources to protect citizens’ sensitive data from hackers and data thieves. Some 49 out of 50 states report that a lack of budget is crippling efforts to manage cybersecurity effectively. One state chose not to participate. That’s the upshot…