Category: U.S.

RI: Lifespan notifying 20,000 patients after unencrypted laptop stolen from employee’s car

Posted on by Dissent

Lifespan is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information. To date, Lifespan has no indication that any patient information has been accessed or used by anyone as a result of this incident. Lifespan is investigating the theft of an employee’s…

Read more

Cleveland Metropolitan School District discloses phishing-related incident

Posted on by Dissent

Cleveland Metropolitan School District, (“CMSD”), recently discovered an event that that may affect the security of personal and financial information of a select group of employees, students, their guardians, and/or other affiliates of CMSD. What Happened?  On March 6, 2017, CMSD determined that certain categories of employee, student, and/or guardian information contained in a limited…

Read more

PAUSD student data exposed in Schoolzilla data breach

Posted on by Dissent

So we’re beginning to learn a bit more about the Schoolzilla data breach that MacKeeper Security Research Center’s Chris Vickery reported yesterday. Chris had reported that 1.3 million students had their data in the misconfigured Amazon bucket, but he couldn’t be more specific as to where these students came from as he deleted the data…

Read more

No Business Associate Agreement? $31K Mistake

Posted on by Dissent

From HHS: The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with…

Read more