Category: Health Data

Joseph Lazzarotti of Jackson Lewis writes: On August 18, 2010, the Connecticut Insurance Commissioner issued Bulletin IC-25 which mandates that entities within its jurisdiction notify the Department of Insurance of any “information security incident.” This post provides a brief summary of this new requirement. […] What is an “information security incident”? Under this Bulletin, an…

German drugstore chain Schlecker has suffered a major online data breach, with the names, addresses and profiles of about 150,000 customers being exposed on the internet, the company announced Friday. A spokesman for the firm confirmed media reports that the personal data of online customers had for an unspecified time found their way onto the…

Juan Ortega reports on a case of low-tech mail theft used for medical ID theft: A Tamarac woman told a judge she stole someone’s identity and spent nearly $20,000 in ill-gotten funds, largely because she needed to replace defective breast implants and furnish her condo. Shatarka Nuby, 29, offered that explanation to U.S. District Judge…

Dom Nicastro provides some interesting data from California, where there is no “harm threshold” in mandated reporting requirements for breaches involving medical records: Since California’s new law went into effect last year, the state has received 3,766 breach reports. …. California’s investigations team has completed reviews of 1,953. It found that 98.7% of those breaches…

Lindsay Peterson reports: Moffitt Cancer Center is contacting 492 of its patients after learning an employee falsified at least one patient’s signature on a consent form for a cancer research study. Moffitt discovered the falsification July 29, and immediately began looking into the records of 6,464 patients who are enrolled in the 4-year-old research study,…