Toula Mazloum reports: Three former hospital employees have been charged following investigations into unrelated alleged breach of patient privacy incidents that took place over the course of last year in different parts of the province, according to the Ontario Provincial Police (OPP). The investigations started after police received three complaints in western, eastern and northern…
Category: Insider
UK: Manchester employee handed suspended prison sentence for illegally accessing personal information
A motor insurance worker who unlawfully accessed personal information has been handed a suspended prison sentence after an investigation by the Information Commissioner’s Office. Rizwan Manjra, 44, from Bolton, led a team dealing with accident claims for Markerstudy Insurance Services Limited (MISL), based in the Arndale Centre in Manchester city centre. His unlawful conduct was…
In: Former employees booked for stealing company data and sharing with competitor
Your insider threat reminder comes from Mumbai this morning. Vinay Dalvi reports that Mumbai police filed an FIR against two ex-employees of Baccarose Perfume and Beauty Products Private Limited in Worli for allegedly stealing the firm’s confidential data and sharing it with a rival firm. The news report names those accused and provides some details…
Veterans Affairs’ Nurse Charged With Unlawfully Accessing Patient Health Information
Here’s today’s reminder of the insider threat. It’s a shame they don’t explain how the employee was able to access the patient’s information or why it was accessed. From the U.S.A.O. of the Western District of Michigan: GRAND RAPIDS – U.S. Attorney for the Western District of Michigan Mark Totten today announced that Jessica Nicole Pitcher,…
Failure to terminate access can be costly. Very costly.
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential fraudulent Medicare claims. OCR imposed a monetary penalty of $1.19 million for the entity’s failure to: conduct…
HHS Office for Civil Rights Imposes a $1.19 Million Penalty Against Gulf Coast Pain Consultants for HIPAA Security Rule Violations
In April 2019, DataBreaches reported that Gulf Coast Pain Consultants, LLC d/b/a Clearway Pain Solutions Institute had recently notified patients after discovering on February 20 that their EMR system had been accessed by a third party without authorization. At the time, they disclosed that 35,000 patients had been affected but they did not indicate that…