Harper Neidig reports: The Federal Trade Commission (FTC) on Wednesday told Congress that it only has 40 full-time employees dedicated to overseeing internet privacy and data security and requested lawmakers give the agency more resources to adequately police tech companies. FTC Chairman Joseph Simons, a Republican appointed by President Trump, wrote in a letter to…
Category: Breach Incidents
So your payment card hasn’t been misused after you used it at Planet Hollywood or Buca di Beppo? Don’t breathe a sigh of relief just yet.
Several days ago, Earl Enterprises, the hospitality industry firm behind several well-known restaurant brands like Planet Hollywood, Buca di Beppo, Earl of Sandwich, Chicken Guy!, Mixology, and Tequila Taqueria announced a security breach of its payment card processing systems. Their announcement came as no surprise to Brian Krebs, who had found Buca di Beppo customer…
Homeland Security issues warning about serious Medtronic flaw that might allow hackers to tamper with cardiac devices
I guess it’s not “click-bait” when the federal government issues a warning on it. But before you panic, read through the full DHS advisory below to see under what conditions this could potentially happen. And now that I’ve given you the “don’t panic yet” advice, I will readily admit that when my mother got a…
MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…
OCR Acting Deputy Director Talks Risk Management at Advocacy Summit
Anne Zender reports: Risk management, risk analysis, and enabling individual access to information are three areas where healthcare organizations have room for improvement, according to forthcoming findings from the Department of Health and Human Services’ Office for Civil Rights’ (OCR) HIPAA audit program. Timothy Noonan, acting deputy director, health information privacy at OCR, spoke about…
Proposed settlement agreement between Texas and OCR concerning a 2015 breach
The following analysis in the Texas Senate suggests that OCR and Texas have been negotiating a resolution agreement since Texas first reported this breach in June, 2015. Not only does that seem like a long time for this to be going on, but if you were to look at HHS’s public breach tool to see…