Another day, another report of a data security incident because an employee fell for a phishing attack and the entity can’t be sure whether any protected health information or PII was actually accessed. Delta Dental of Arizona disclosed a July 8 incident this week. According to their press release, and after reiterating that they were…
Category: Commentaries and Analyses
Senator Warner wants to know what HHS OCR did in response to massive leak of patient medical images by organizations
This is a press release you may want to really read as it raises a number of important questions to HHS OCR as to how they do things — and how quickly (or not quickly). Nov 08 2019 WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee and co-founder of the…
Main Street Clinical Associates, PA Notifies Patients After Looters Steal PHI
The press release below the separator on this page describes a statistically unusual incident; an explosion at a building adjacent to a covered entity caused an emergency evacuation in which files and file rooms were left open and unsecured. But then the entity and its employees were not allowed to re-enter the building for months….
City of Norman, OK temporarily suspends utility payment portal; ditches Click2Gov after another potential security incident
The City of Norman, Oklahoma has suspended its online portal for paying utility bills after they were notified of a potential security incident involving Click2Gov software by CentralSquare Technologies. At this point, the city seems to have had enough with Click2Gov security issues. The city is currently in the process of switching over to another…
Now available: Catalan Information Security Center produces reports in English for the 2019 Barcelona Congress
CESICAT (Information Security Center of Catalonia) contacted me this week to share some news and to ask me to share it with my readers and followers on Twitter. I am delighted to. CESICAT is a public organization committed to protecting cybersecurity of the public sector in Catalonia. Next year they will become the Cybersecurity Agency…
Europol Publishes Law Enforcement and Industry Report on Spear Phishing
The Hague — Today, 4 November 2019, Europol’s European Cybercrime Centre (EC3) published a strategic report on spear phishing, reflecting the views of both law enforcement and private industry on one of the most prevalent cyber threats currently affecting organisations across the EU. Spear phishing describes the practice of targeting specific individuals within an organisation…