We’ve seen mistakes made in responding to public records requests that result in people’s personnel information or identity information being improperly released. But if there’s a mistake, and the receiving party is a journalist who agrees NOT to use the information and who destroys the data, should those whose data were revealed be entitled to…
Category: Breach Incidents
Chicago Public Schools error exposed more than 3,700 students’ and families’ data
David Struett reports: Chicago Public Schools apologized Friday evening for a mass email accidentally linking to the private data of thousands of students and families. […] Families were sent an email Friday evening from CPS’s Office of Access and Enrollment inviting them to submit supplemental applications to selective enrollment schools. Attached at the bottom of…
San Francisco acupuncturist notifies patients whose records were stolen in burglary
Denise M. Bowden, LAc, M.S. is a licensed acupuncturist in San Francisco. A notice on her web site describes a recent data security breach: Denise M. Bowden, a board licensed acupuncturist, has become aware of a potential data security incident that may have resulted in the inadvertent exposure of some patients’ personal and health insurance…
RISE Wisconsin Notifies Plan Participants of Data Security Incident
MADISON, WI – June 7, 2018 – RISE Wisconsin (“RISE”) (formerly Community Partnerships and Center for Families) has become aware of a data security incident that may have involved the limited protected health information of our participants. Although at this time there is no evidence of any attempted or actual misuse of anyone’s information as…
Hair Free Forever notifies clients/patients that a former employee is misusing their information to recruit patients for another practice
Hair Free Forever (HFF) appears to have suffered an insider-wrongdoing breach involving a now-former employee using patient information to solicit patients for another business. HFF’s notification letter suggests they are covered by HIPAA. The number of patients affected by the breach is not disclosed in the template notification letter submitted to the state attorney general’s office,…
Elmcroft Senior Living notifies residents and family members of hack
Elmcroft Senior Living is notifying an unspecified number of residents of a hacking incident that occurred on May 10 and that was discovered on May 12. According to a template of their notification letter submitted to the California Attorney General’s Office, the May 10 hack included files containing personal information about residents or their family…