Following a public comment period, the Commission has approved a final consent order in the CVS Caremark case involving failure to adequately secure customers’ medical and financial data. Prior coverage of the case can be found here. Additional documents on the case can be found here. According to the complaint, CVS Caremark did not implement…
Category: Health Data
MN: Posting online can be invasion of privacy, Appeals Court rules
In a case that seems like deja vu all over again, the Minnesota Court of Appeals held that posting someone else’s embarrassing personal information on the Internet can be a legal invasion of privacy, regardless of how many people view the site. In this case, the personal information concerned a woman’s sexually transmitted disease that…
SVI police investigate leaked photo of deceased crash victim
Ghouls – and unprofessional ones at that. St Thomas/St John/Water Island Chief of Police Rodney Querrard released the following message to the USVI public on Tuesday in hopes of finding out who took a CELL phone picture of a deceased auto accident victim, then forwarded it. “It has come to my attention that a confidentiality…
AL: Medical records discovered in garbage truck, landfill
Hundreds of medical files with personal and medical details were found in and around a garbage truck at a landfill in Montgomery, Alabama. The records were marked, “Radiology Department, Baptist Medical Center.” Baptist Health uses a third party for some of its record disposal, and a spokesperson said that they are investigating the matter. Source:…
PCI-DSS: Not on health care provider's radar
Health care providers are certainly no stranger to data privacy and security standards related to protected health information (PHI). Although these providers and their respective organizations are well versed in rules, policies and requirements of HIPAA, few are aware that the PCI-DSS rules apply to their businesses and even fewer are compliant. When HIPAA compliancy…
AMA: Guidance Offered on Medical Record Breaches
The American Medical Association (AMA) adopted guidelines for any breach of patients’ electronic medical records and passed policies recognizing breast cancer in men and the dangers of hormone use in anti-aging procedures on June 15 at their annual meeting held from June 13 to 17 in Chicago. To protect patients’ privacy and security, the AMA…