And the year draws to a close as it opened: with a call for greater cooperation in preventing security breaches. At the beginning of the year, it was Heartland Payment Systems. Now, following lawsuits against it by restauranteurs in Louisiana who were hacked while using one of its POS applications, Radiant Systems is trying to…
Author: Dissent
Attorney for doctors in WDH privacy breach disputes AG's finding
Adam D. Krauss continues to update us on this case: An attorney for two doctors impacted by the privacy breach at Wentworth-Douglass Hospital says the Office of the Attorney General would have found WDH had to notify patients if the state knew a rogue employee accessed patients’ social security numbers and sensitive insurance policy data….
AU: New privacy guidelines for health practitioners on disclosing genetic information
JOINT MEDIA RELEASE of the Office of the Privacy Commissioner and the National Health and Medical Research Council: The National Health and Medical Research Council (NHMRC), in cooperation with the Office of the Privacy Commissioner (OPC), today released new guidelines to assist health practitioners in making decisions about disclosing genetic information to their patient’s genetic…
OK judge extends block on controversial abortion law
The Associated Press reports that District Judge Daniel Owens has extended a temporary restraining order that blocks enforcement of a controversial abortion law, House Bill 1595. The law is being challenged on grounds that it violates the state constitution. Read more: http://www.kansas.com/news/state/story/1105028.html
UK: Shropshire Council found in breach of the Data Protection Act
The Information Commissioner’s Office (ICO) has found Shropshire Council in breach of the Data Protection Act following the loss of an unencrypted memory stick containing sensitive information relating to a large number of adult social care clients and members of staff. The memory stick, which contained a social care management database including sensitive health information,…
So where are the breach reports on HHS?
The following is cross-posted from PHIprivacy.net: Under the provisions of the HITECH Act that went into effect several months ago, covered entities are required to report breaches involving the unsecured protected health information of 500 or more individuals to the Secretary of the U.S. Department of Health & Human Services. Unfortunately, HHS watered down the…