Ian Health reports that Appleby, a firm at the centre of the Paradise Papers data leak, has hired a high-profile media lawyer to help block further releases of confidential client data. Health reports: Appleby have maintained that the documents were illegally hacked from their files and have since initiated legal proceedings against the BBC and…
Category: Breach Incidents
Health Data Breaches in 2017: The Year in Review
Protenus, Inc. has released its 2017 review of breaches involving health data. It is the second annual review they have published since we began collaborating on data collection and analyses. As a reminder of last year’s major findings: Protenus reported that in 2016, insider incidents constituted approximately 43% of the 450 incidents we had compiled…
Colorado Legislature Considers Sweeping Privacy and Cybersecurity Legislation
David M. Stauss and Gregory Szewczyk of Ballard Spahr write: A bipartisan group of Colorado legislators proposed legislation that, if enacted, would significantly change the requirements for how Colorado entities protect, transfer, secure, and dispose of documents containing “personal identifying information” (PII). The proposed legislation also would expand the types of information covered by the…
Pedes Orange County notifying patients after doctor found accessing EMR without authorization
Pedes Orange County, Inc. in California shares their medical facility with another medical group that conducts surgical procedures. To coordinate, it seems that they share a scheduling tool with other medical professionals in their building. Somehow – and it’s not yet clear to me how this happened in terms of access controls – a physician…
Corovan Corporation & Employer Leasing notifying 1,500 California residents of data breach
It was one of those deja vu experiences I’m increasingly likely to have these days. I read a breach notification template that involved health insurance information, made a note of it in my compilation worksheet for Protenus, and was going about my other work when I read another notification template that was identical – except…
FTC: Privacy & Data Security Update: 2017
The Federal Trade Commission (FTC) has released its Privacy & Data Security Update: 2017. The report is organized by major privacy enforcement actions in 2017, data security enforcement in 2017, and other topics of significant concern such as fair credit reporting, children’s online privacy and do not call. Apart from the Lenovo, Uber, and D-Link…