The new bulletin from the Connecticut Insurance Commission, mentioned here, had left me a tad confused, so I wrote to them: Re the definition of a security incident: “The Department considers an information security incident to be any unauthorized acquisition or transfer of, or access to, personal health, financial, or personal information, whether or not…
Author: Dissent
OK: New law prevents storage of newborn blood samples
Mark Schlachtenhaufen reports: Most states do not inform parents of the retention and research use of newborn blood spot samples, according to the Indiana Center for Bioethics. However, a new Oklahoma law, Senate Bill 1250, authored by state Sen. Jonathan Nichols, R-Norman, prohibits any medical facility from storing or using infant DNA for research without…
Point-of-sale machines a growing magnet for identity thieves
Laura Baziak reports that theft of POS touch screens is increasing in Canada as thieves look for an easy way to get any card data stored on the device: …. Farahbakhchian said theft of all point-of-sale machines has been a steady problem in B.C. for the past three years. He said he hasn’t seen a…
FL: Feds say Clay man took IRS for millions after state computers tapped
Paul Pinkham reports: Personal identities gleaned from two state agencies dealing with children were used to obtain $2.7 million in fraudulent income tax returns in a conspiracy masterminded by an Orange Park man, a federal agent testified. Bryan A. Copeland and a half-dozen co-conspirators filed 880 bogus tax returns from 2006 to 2009 using counterfeit…
Clarity Needed in Breach Notification Rule
Howard Anderson writes: My fingers are crossed that the final version of the federal breach notification rule greatly clarifies when a breach has to be reported to the individuals affected as well as federal authorities. I hope the final version states in the simplest possible terms that the federal law supersedes state laws, unless the…
KPMG employee loses unencrypted flash drive with patient info on 3,630
An accounting firm used by the Saint Barnabas Health Care System and its affiliated hospitals in New Jersey has reportedly lost an unencrypted flash drive that may have contained some patients’ names as well as information about their health care. In a notice on their web site, the hospital states that the flash drive lost…