Because I’m at a conference, it’s been hard to update a lot, but here are a few of the health data breaches I’ve spotted this week: Main Line Endoscopy Centers in Pennsylvania announced that it recently mailed notifications to patients whose personal information was in an employee’s email account a t the time that the…
Category: U.S.
PA: Bill Targets Data Security of State Agencies, Municipalities and School Districts
Thomas S. Markey writes: On Feb. 19, a bill was introduced in the Pennsylvania Senate proposing to amend the Pennsylvania Breach of Personal Information Notification Act to add new breach notification requirements for state agencies and political subdivisions of the commonwealth. Enacted in 2005, the act (73 P.S. Section 2301 et seq.) applies to commonwealth…
FTC says it only has 40 employees overseeing privacy and data security
Harper Neidig reports: The Federal Trade Commission (FTC) on Wednesday told Congress that it only has 40 full-time employees dedicated to overseeing internet privacy and data security and requested lawmakers give the agency more resources to adequately police tech companies. FTC Chairman Joseph Simons, a Republican appointed by President Trump, wrote in a letter to…
Georgia Tech says data breach exposed info of 1.3 million people Updated: Apr 2, 2019 – 12:21 PM
WSB-TV reports: Georgia Tech says more than a million people’s personal information may have been exposed after someone gained “unauthorized access” to a web application. Officials said the breach impacts 1.3 million people, including “some current and former faculty, students, staff and student applicants.” They do not know what information was taken from the system,…
Michigan practice folds after cyberattackers wipe out all their files
On March 29, WWMT in Michigan reported: Hacked and held for ransom by a computer virus, a doctor’s office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out. Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside…
HHS security policies should focus on incentives, not penalties, health IT leaders say
Heather Landi reports: The federal government needs to provide more resources and incentives to help healthcare organizations better protect their IT systems and data from cyberattacks, according to health IT security leaders. Currently, the Department of Health and Human Services’ privacy and security standards are too focused on compliance and are unduly punitive to healthcare…