Illinois-headquartered Flexible Benefit Service Corporation (“Flex”) is a general agency and benefit administrator serving insurance brokers, employers and insurance carriers. As such, they are a Business Associate to HIPAA-covered entities. The follow is from their notification of a security incident that was reported to HHS on February 16, as impacting 5,123 people. Flex does not indicate…
Category: U.S.
Professor in department of health services unintentionally releases personal student information via email
Rebecca Gross reports: On Jan. 25, 50 students and 35 faculty and staff members within the Department of Health Services received an email with a spreadsheet that contained personally identifiable information (PII) of more than 9,000 people. Amy Hagopian, associate professor in Health Services at the UW, unintentionally sent the email containing the spreadsheet to…
Kansas Department for Aging and Disability Services Notifies 11,000 Consumers About Breach of Protected Health Information
March 1, 2018 TOPEKA, Kan. – The Kansas Department for Aging and Disability Services (KDADS) has begun to notify individual consumers about a recent incident in which personal or protected health information was disseminated to a specific group of KDADS business associates. On February 23, 2018, KDADS became aware of a potential breach of personal…
St. Louis Community College investigating possible student data breach
KMOV reports: St. Louis Community College said it is investigating a possible breach of student information. The school says an email attachment containing personally identifiable information for 362 students was sent to a small number of other students. The attachment has names, email, ID numbers and home addresses of the 362 students. The school says…
Lawmaker looks to boost FTC power in data breach enforcement
Chase Gunter reports: Rep. Ted Lieu (D-Calif.) is looking to toughen standards on private sector data breaches. His new bill was released the same day that Equifax announced that an additional 2.4 million Americans had their information stolen from the company, on top of the 145 million it had previously disclosed. Lieu wants to expand…
Former University of North Georgia employee accessed protected student data in Banner
Viktoria Capek-Grey reports: On Monday, Feb. 26, the University of North Georgia’s Office of University Relations emailed all students regarding improper access of Banner information in January. The email cautioned students that a former student employee inappropriately accessed information protected by FERPA (Family Educational Rights and Privacy Act), though it said there is no evidence…