If you thought former Tiversa employee Rick Wallace’s testimony in FTC v. LabMD was sensational, wait until you read a staff report prepared for Darrell Issa, then-Chairman of the House Committee on Oversight and Government Reform. The 99-page report, prepared in January but embargoed until after Wallace’s testimony, delves into Tiversa’s business practices and problems with the…
Category: Health Data
Consolidated Tribal Health Project, Inc. Notifies Employees and Patients of a Data Security Compromise
From their press release: Consolidated Tribal Health Project, Inc. (“CTHP”) has become aware of a data security event involving unauthorized access by a former employee to certain CTHP systems and information maintained by CTHP. CTHP has been working to understand the nature and scope of the incident, and has engaged third-party data forensics experts to assist with its investigation. …
MN: Associated Dentists notifying patients after office burglary
Associated Dentists is notifying affected patients of a data security incident that may affect the security of their protected health information. Associated Dentists and investigating authorities are unaware of any attempted or actual misuse of patients’ protected health information. Associated Dentists is providing notification to ensure that patients are aware of the incident so that…
IL: Boyd Hospital failed to remove stored patient records before building sold
Paging HHS to Aisle 4…. Samantha McDaniel-Ogletree reports: What started as a routine purchase of a surplus county building has resulted in the discovery of thousands of medical records and allegations of theft. Jerseyville resident Edward Crone bought the property at 505 S. Main St. from the county on March 19 — more than a…
University of Texas Southwestern Medical Center sent 1,032 immunization records to state registry by mistake
Sherry Jacobson reports: UT Southwestern Medical Center accidentally transmitted the immunization records of about 1,000 patients to a confidential Texas registry used by physicians, health departments and school districts. Letters were sent last week to the UTSW patients involved, expressing regret that their vaccination information had been shared with ImmTrac, a statewide registry service used…
Columbia Casualty asks court to let it off the hook for $4.1M settlement in Cottage Health System breach
So you apply for cyberinsurance and in your application, you describe all the security controls and policies you have in place. And an insurance company looks it all over and issues you a policy because you meet the minimum security practices they require. But then you don’t actually adhere to all the controls and policies you…