From EPIC: EPIC has filed a “friend of the court” brief, joined by forty-four technical experts and legal scholars (members of the EPIC Advisory Board), in the OPM Data Breachcase. The case concerns the data breach at the US Office of Personnel and Management in 2015 that affected 22 million federal employees, their friends, and…
Category: Commentaries and Analyses
Human error to blame in vast majority of education data breaches
Mark Satter reports: The nation relies on teachers to educate our children and help them when they make mistakes. But when it comes to protecting students’ data, it is often the teachers and school staff who mistakenly let bad actors in to school computer systems, officials say. In a hearing Thursday before the House Committee…
So was TheDarkOverlord really arrested?
Over the past few days, I’ve been asked by many people what I think about reports that Serbian police arrested a member of TheDarkOverlord. Some journalists seem to be going even further and reporting that multiple arrests have been made. I’ve said repeatedly and will repeat it here: I don’t know who did get arrested,…
Steward Must Convince Jury Doc Fired For HIPAA Violation
Chris Villani reports: Steward Healthcare System LLC will need to convince a jury it fired a psychiatrist for violating the Health Insurance Portability and Accountability Act and not because, as the doctor claims, he took disability leave after getting pneumonia, a Massachusetts federal judge ruled Wednesday in denying part of a summary judgment bid. You…
More than 200,000 patients’ records were exposed on MedEvolve’s public FTP server – researcher
Common sense dictates that patients’ protected health information should not be made freely available on FTP servers that have no login required. And yet it still happens, and has happened again. Recently, this site learned of another FTP server exposing patients’ information. This particular FTP server belongs to MedEvolve, an Arkansas company that provides practice management…
Big Data Breaches Shine Spotlight on Laws Impacting Employee Data Protection
John Litchfield of Foley & Lardner reminds employers that there are new laws coming into effect that impact employers’ collection and protection of employee data. The following laws, he notes, come online this year: Alabama (effective June 1, 2018) Delaware (effective April 14, 2018) Oregon (effective June 2, 2018) South Dakota (effective July 1, 2018)…