Now THIS really surprises me. Robyn Craig reports: The U.S. Department of Education will become involved with [Oklahoma University] regarding the recent security breach, which released thousands of students’ personal information. The breach, which violated federal law, resulted in the release of student information, including student financial information. Therefore, the U.S. Department of Education is…
Category: Commentaries and Analyses
Oral Argument in LabMD Case to Test FTC’s Enforcement Authority
Jimmy H. Koo reports: The Federal Trade Commission will have an opportunity to justify its data security enforcement authority when oral argument in LabMD Inc. v. FTC starts June 21 before the U.S. Court of Appeals for the Eleventh Circuit, attorneys told Bloomberg BNA. One of the critical issues likely to emerge in the case…
Medical records stolen from old nursing home; no one takes responsibility????
Barb Ickes reports: What no doubt will come as a shock to some is no surprise to others. An East Moline parent called last week and told about discovering two sets of strangers’ medical records in her daughter’s belongings. The documents included lists of medications, doctors’ notes, diagnoses and other personal information, including Social Security…
The messy, messy month of May
Compiling data for Protenus, Inc.’s breach barometer should be relatively routine and straight-forward. In May, however, it wasn’t. Here’s a rundown on the factors that complicated our analyses: Investigating patient data put up for sale on the dark web. Determining whether the breaches were legitimate or fake turned out to be headache-inducing, as the following scenarios…
Deeper Dive: Clapper Divide Expands In Data Breach Cases
Sean McIntyre reports: As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence…
HHS is considering changes to OCR’s ‘wall of shame’—and experts are divided on the impact
Evan Sweeney reports: The Department of Health and Human Services is exploring potential changes to the agency’s “wall of shame,” a legislatively mandated website that tracks healthcare data breaches dating back to 2009. During a hearing addressing cybersecurity concerns in healthcare last week, Leo Scanlon, deputy chief information security officer at HHS, told Rep. Michael…