Estimate in haste, repent in leisure? Over on PHIprivacy.net, I recently reported on a breach in Jersey City involving patient records stolen from a shed behind a doctor’s office. The first media report, on NJ.com, said Dr. Nisar A. Quraishi told police that 40,000 patients’ records had been stolen. At 40,000, that incident would qualify as the second largest breach…
Category: Health Data
68% of Healthcare Data Breaches Due to Device Loss or Theft, Not Hacking
Jasmine Pennic reports: 68 percent of all healthcare data breaches since 2010 are due to device theft or loss, according to the 2014 Healthcare Breach Report from Bitglass. Despite the recent headlines of hacker attacks to hospitals, only 23 percent of healthcare data breaches were a result of cybercriminals compromising networks and exfiltrating data. The findings come…
Will this lesson be learned?
When I saw the headline, “Class action lawsuit seeks to send message about the importance of safeguarding data,” I thought, “Oh, puhleese, how many times are we going to claim we’re just trying to send a message? Why haven’t they gotten it already?” But then I kept reading a news story by Joel Griffin, and…
ME: Island Nursing Home successfully sued by former employee
It’s not often we see an employee lawsuit against an employer over lousy data protection, and when we do, it’s more likely to be potential class-action lawsuits by employees following a hack or other data breach. In this case, an individual employee sued her former employer for not adequately storing and protecting her information. Faith DeAmbrose…
FL: Hollywood Man Sentenced To Over 12 Years For Identity Theft Tax Refund Fraud Case Involving Theft Of Over 5,000 Identities
There’s a follow-up to a case previously noted on DataBreaches.net, and it appears to be yet another case of an insider breach to fuel a tax refund fraud scheme in Florida, but we still don’t know the name of the company or covered entity from whom the identity information was stolen. Nor do we know whether…
Ebola and Privacy: Snooping, Confidentiality, and HIPAA
Daniel Solove writes: One of the things that struck me about the Ebola cases at Dallas Presbyterian Hospital was that all of the Ebola victims were named almost immediately. How could this happen? In all the swirling news coverage, I was struck by the fact that few were asking the question: Why were all of…