Representatives Ted W. Lieu (D | Los Angeles County) and Will Hurd (R | San Antonio) sent a letter to Deven McGraw, Deputy Director of the Office of Civil Rights of the Department of Health and Human Services (HHS) encouraging the office to focus on developing guidance for health care providers to respond to ransomware attacks under…
Category: Commentaries and Analyses
NEW: Monthly stats for health/med breaches
People have often asked me if I compile stats on the reports on my site. I haven’t, but am pleased to announce that I am now collaborating with Protenus to help them provide monthly stats for U.S. breaches involving health/medical data. You can read their first blog post on June incidents here. Here’s a snippet…
Password-sharing case divides Ninth Circuit in Nosal II
Orin Kerr writes: The Ninth Circuit has handed down United States v. Nosal (“Nosal II“), a case on the scope of the Computer Fraud and Abuse Act that I blogged about here and here. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently…
In 5-year period,162 security breaches impacted 7.6 million consumers in SC
Matthew Stevens reports: The South Carolina Department of Consumer Affairs has released its Security Breach Report from January 2011 through December of 2015. Over that span, the agency acknowledge 162 breaches that impacted more than 7.6 million consumers in SC. The report found that the most breaches, 39, were related to the retail and food…
UK: Safe in Police hands? New Big Brother Watch report released
Big Brother Watch has released a new report on data protection in the UK police. Some of their key findings for the period June 1, 2011 – December 31, 2015 were that there have been 2,315 breaches in police forces, including: 869 (38%) instances of inappropriate/unauthorised access to information 877 (38%) instances of inappropriate disclosure of data…
UK: NHS seeks cure for its costly digital headache
Gill Hitchcock reports: This May two NHS trusts were fined almost £400,000 for failing to protect confidential information. Chelsea and Westminster revealed the email addresses of HIV service users, while Blackpool teaching hospitals published private information about thousands of staff online. But are these incidents simply isolated sloppiness or a growing problem as the NHS digitises its records?…