Healthfirst, 100 Church Street, New York, New York 10007, is notifying approximately 5300 affected members and past members that their personal information may have been compromised in the course of a criminal fraud scheme perpetrated against Healthfirst. Social Security numbers and credit card information were not affected. On May 27, 2015, Healthfirst was informed by the Department of…
Category: U.S.
Georgia Division Of Aging Services Notifies 3,000 Clients Of Data Breach
Randy L. Key reports: Georgia’s Department of Human Services Division of Aging Services has notified approximately 3,000 clients in the Community Care Services Program of an unauthorized disclosure of their protected health information. The Department has identified the root cause of the issue, which involved the inadvertent disclosure of certain health diagnoses of affected program…
More details on the FTC-LifeLock case
In light of the FTC’s action against LifeLock, and the latter’s response, I thought it might be interesting to post this statement from LifeLock’s 10-Q SEC filing for the period ending March 31, 2015: On March 13, 2014, we received a request from the FTC for documents and information related to our compliance with the…
Update on Medical Informatics Engineering breach (update3)
I’ve previously reported on the breach at Medical Informatics Engineering that affected a number of their Medical Informatics Engineering and NoMoreClipboard clients. Today, they provided an update on the breach. Much of it is a rehash of the previous notification, but there are some additional details on the types of information compromised: The affected data relating to…
Is there a “constitutional right to informational privacy”? as claimed by NTEU’s data breach lawsuit?
On July 8, in noting NTEU’s lawsuit over the OPM hack, I had questioned the suit’s claim that the government breach constituted a violation of their “constitutional right to informational privacy.” Jennifer E. Canfield of Montgomery McCracken Walker & Rhoads LLP also picked up on that point and discusses the issue on Montgomery McCracken Data Privacy…
Massachusetts DESE finds Tewksbury data breach violated state law
In April, this site noted what I described as a “horrific” breach involving the Tewksbury public schools. A document included in a 222-page School Committee packet that had been publicly available online not only exposed personal and private details for the out of district placements of 83 special education students, but it rated their parents according…