Chris Villani reports: Steward Healthcare System LLC will need to convince a jury it fired a psychiatrist for violating the Health Insurance Portability and Accountability Act and not because, as the doctor claims, he took disability leave after getting pneumonia, a Massachusetts federal judge ruled Wednesday in denying part of a summary judgment bid. You…
Category: Commentaries and Analyses
More than 200,000 patients’ records were exposed on MedEvolve’s public FTP server – researcher
Common sense dictates that patients’ protected health information should not be made freely available on FTP servers that have no login required. And yet it still happens, and has happened again. Recently, this site learned of another FTP server exposing patients’ information. This particular FTP server belongs to MedEvolve, an Arkansas company that provides practice management…
Big Data Breaches Shine Spotlight on Laws Impacting Employee Data Protection
John Litchfield of Foley & Lardner reminds employers that there are new laws coming into effect that impact employers’ collection and protection of employee data. The following laws, he notes, come online this year: Alabama (effective June 1, 2018) Delaware (effective April 14, 2018) Oregon (effective June 2, 2018) South Dakota (effective July 1, 2018)…
U.S. Education Department employee who infected his government computer with malware from searching for child porn was allowed to retire with no prosecution
Wills Robinson reports: A Department of Education employee left government computers vulnerable to hacking after downloading a virus while searching for ‘naked toddlers’, ‘little boys’, a and references to child rape, a report has revealed. Documents obtained through a Freedom of Information Act request by DailyMail.com show the staffer typed in at least 18 illicit…
Data Breach Disclosure Is Still Taking Too Long, Report Reveals as GDPR Looms
Graham Cluley explains: The accepted wisdom in the field of cybersecurity is that things are getting worse, and that more businesses are losing control of more data than ever before. What a bunch of pessimists we are… The truth, however, might be rather different. A new study published by Risk Based Security has examined the…
Ph: Privacy commission orders Jollibee to suspend online delivery services over data breach
Ted Cordero reports: The National Privacy Commission (NPC) on Tuesday ordered fast-food giant Jollibee Foods Corp. to suspend its online delivery platform indefinitely due to a data breach reported by the company in December last year. The NPC ordered Jollibee to suspend the operations jollibeedelivery.com and all other data processing open to the public through…