The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached. In a policy statement adopted during an open meeting, the Commission noted…
Category: Health Data
Walgreens’ Covid-19 test registration system exposed — and still exposes? — patient data
Sara Morrison reports: If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even…
Northern Light Health reports data breach linked to Blackbaud incident
We are still first learning about Blackbaud clients impacted by their ransomware attack more than one year ago. We knew about some of the following, but not all. WGME reports: A Maine hospital says some patient information may have been stolen by hackers. Northern Light Health says information from its fundraising arm was also exposed….
OR: Southeast Health Center break-in compromises personal information of about 700 people
Multnomah County in Oregon is notifying some applicants for the Oregon Health Plan whose information may have been accessed during a break-in. The break-in occurred while the Health Center was closed for construction on August 4. Files in the cabinets included applicant records with name, date of birth, address, email address, Social Security number, insurance…
Ottawa Hospital apologizes to unvaccinated staff for privacy breach
CBC reports: The Ottawa Hospital has apologized to unvaccinated staff after an email was sent out offering a vaccine education session with each recipient’s name visible to others. The email was sent from one of the hospital’s software systems and recalled immediately, the hospital said in a statement emailed to CBC, adding all copies of the email…
PA: Indian Creek Foundation Provides notification ransomware incident
Indian Creek Foundation provides services to 1,200 youth and adults with intellectual disabilities and Autism. The following is a press release they have issued: SOUDERTON, Pa., Sept. 13, 2021 — On February 6, 2021, ICF discovered that portions of its computer network were infected with malware that encrypted certain systems. ICF promptly took the affected systems…