Health Data – Page 22 – DataBreaches.Net

Change Healthcare Data Breach Settlement Talks To Be Explored Early in MDL

Posted on December 3, 2024 by Dissent

Irvin Jackson reports: Parties involved in the federal Change Healthcare data breach lawsuits have been ordered to meet separately with a U.S. Magistrate Judge over the next two months, to discuss the most effective structure for settlement talks and the optimum timing for when negotiations should begin that may provide payouts to millions of Americans. The potential…

HHS Office for Civil Rights Imposes a $1.19 Million Penalty Against Gulf Coast Pain Consultants for HIPAA Security Rule Violations

Posted on December 3, 2024December 3, 2024 by Dissent

In April 2019, DataBreaches reported that Gulf Coast Pain Consultants, LLC d/b/a Clearway Pain Solutions Institute had recently notified patients after discovering on February 20 that their EMR system had been accessed by a third party without authorization. At the time, they disclosed that 35,000 patients had been affected but they did not indicate that…

Bolton Walk-In Clinic in Ontario: lock down your backup already!

Posted on December 3, 2024December 17, 2024 by Dissent

DataBreaches hates reporting on an incident when the entity has not yet secured misconfigured storage, but after four months of futile efforts to get a Canadian clinic to respond to responsible disclosures, maybe publication will help get them off the dime. Bolton Walk-In Clinic in Ontario has a data protection policy that says: We are…

Administrative fine of €330,000 issued to Polish medical company after a hacking incident

Posted on November 29, 2024 by Dissent

Background information Date of final decision: 20 May 2024 National case Legal Reference (s): Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 32 (Security of processing) Decision: Administrative fine, Compliance order Key words: Accountability, Administrative fine, Data subject rights, Hacker attack, National identification number, Responsibility of the controller…

Yet another NHS hospital hit by a cyberattack

Posted on November 29, 2024 by Dissent

Kevin Poireault reports: An infamous ransomware group has claimed to have compromised sensitive data from a children’s hospital in Liverpool, UK. On November 28, INC Ransom posted on its data leak site that it has obtained large-scale data patient records, donor reports and procurement data for 2018-2024 from Alder Hey Children’s NHS Foundation Trust. [And…

Information and Privacy Commissioner of Alberta Publishes 2023-24 Annual Report

Posted on November 29, 2024 by Dissent

November 27 EDMONTON – The 2023-2024 Annual Report of the Office of the Information and Privacy Commissioner (OIPC) of Alberta was tabled today by the Speaker of the Alberta Legislative Assembly and has now been published online by the OIPC. “The 2023-24 year can best be characterized as a year of change and engagement for…