In January 2015, Ronald D. Garrett-Roe, MD, a physician in Texas, notified HHS that 1,600 patients were affected by a hacking/IT incident involving a desktop computer. At the time, I could find no additional details on the incident, but now we have this somewhat puzzling summary of OCR’s investigation: Alleged hackers gained unauthorized access to one or…
Category: Breach Incidents
Follow-up: Boston Baskin Cancer improved data security safeguards following breach
Remember the Boston Baskin Cancer Foundation breach involving the theft of a hard drive from an employee’s home? The breach affected almost 57,000 patients and employees. Here’s the summary of OCR’s investigation into the incident: On December 2, 2014, a Boston Baskin Cancer Foundation employee’s laptop computer and external hard drive were stolen. The external hard…
Follow-up to Boyd Hospital breach
Remember the case in Illinois where Boyd Hospital had stored patient records in a building that was later sold as surplus? The hospital claimed it didn’t know the new owner was taking possession of the building, which is why the patient records were still in there when the new owner took possession of the premises….
Austin dumpster diver finds A-list actors’ private info
Kris Betts reports: A local security expert who occasionally moonlights as a dumpster diver found the personal information of several A-list celebrities during a swap meet. “I was in LA and a guy was taking the boxes of scripts and getting ready to throw them away and I was like ‘Whoa, whoa what are those?’”…
FTC v. LabMD: A bad case and a questionable decision, but the right outcome
As I reported last Friday, FTC’s Administrative Law Judge D. Michael Chappell dismissed FTC’s enforcement action against LabMD, explaining that the regulator failed to meet the injury prong of the unfairness test under the FTC Act. The FTC issued a press release about the decision yesterday. The decision was noteworthy for two reasons. It was the first data security enforcement…
Federal judge dismisses indictment against auxiliary cop charged with hacking into NYPD database
John Marzulli reports: A federal judge tossed an indictment Wednesday against an NYPD auxiliary cop charged with hacking into a police computer in Brooklyn to obtain traffic accident information, the Daily News has learned. Yehuda Katz is off the hook on computer fraud charges after prosecutors acknowledged the government recently became aware of information “suggesting…