I guess it’s not “click-bait” when the federal government issues a warning on it. But before you panic, read through the full DHS advisory below to see under what conditions this could potentially happen. And now that I’ve given you the “don’t panic yet” advice, I will readily admit that when my mother got a…
Category: Breach Incidents
MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…
OCR Acting Deputy Director Talks Risk Management at Advocacy Summit
Anne Zender reports: Risk management, risk analysis, and enabling individual access to information are three areas where healthcare organizations have room for improvement, according to forthcoming findings from the Department of Health and Human Services’ Office for Civil Rights’ (OCR) HIPAA audit program. Timothy Noonan, acting deputy director, health information privacy at OCR, spoke about…
Proposed settlement agreement between Texas and OCR concerning a 2015 breach
The following analysis in the Texas Senate suggests that OCR and Texas have been negotiating a resolution agreement since Texas first reported this breach in June, 2015. Not only does that seem like a long time for this to be going on, but if you were to look at HHS’s public breach tool to see…
DENTAL & MEDICAL COUNSEL: How Data Breaches Affect Dental Practices
Ali Oromchian Esq of the Dental and Medical Counsel wrote the following piece: As technology evolves so do the risks to a dental practice especially when it comes to HIPAA and other related security breaches of sensitive data. When you own a dental practice, a data breach occurs when there has been unauthorized access to…
AU: Security researcher pleads guilty in GoGet case
There’s an update to a case previously noted on this site in January, 2018. Rohan Pearce reports: Illawarra-based security researcher Nikola Cubrilovic has pleaded guilty to charges related to unauthorised access to the GoGet service and will be sentenced in May. Cubrilovic was arrested in January 2018 and charged with allegedly accessing a database the car-sharing…