Category: Commentaries and Analyses

What HHS may not do, a state might

Posted on by Dissent

Back in June, 2014, this site noted two breaches disclosed by Rady Children’s Hospital in San Diego that involved patient data being disclosed to job applicants. Later that month, we learned that in the process of investigating the two known breaches, Rady uncovered two more such breaches. Rady duly notified HHS in June, 2014. More than two years later, there…

Read more

Analysis of World Check data leak by Risk Based Security: Hackers & Collectives

Posted on by Dissent

From RBS: In early July, it was revealed that a Thomson Reuters service known as World-Check had licensed information to a client that subsequently failed to secure the database. The leak, discovered by Chris Vickery, affected over 2.2 million persons identified as “heightened-risk individuals” that had been included in the World-Check database between 3/17/2000 and 9/17/2014. Shortly after the discovery, Risk…

Read more

An Assessment of the Anthem Data Breach Litigation Rulings

Posted on by Dissent

David Silverman writes: [Eric’s intro: this blog post helps distill Judge Koh’s two rulings, In re Anthem Inc. Data Breach Litig., No. 15-MD-02617 (N.D. Cal. Feb. 16, 2016) (“Anthem I”) and In re Anthem Inc. Data Breach Litig., No. 15-MD-02617 (N.D. Cal. May 27, 2016) (“Anthem II”). These are complicated opinions, and I hope this post helps…

Read more

Third Circuit Considers Injury-in-Fact Requirement for Data-Breach Class Actions

Posted on by Dissent

Natalie Garcia and Charles W. Mondora write: Two class actions currently pending in the United States Court of Appeals for the Third Circuit, In re Horizon Healthcare Services Inc. Data Breach Litigation (D. N.J. Mar. 31, 2015), appeal docketed, No. 15-2309, and Storm v. Paytime, 90 F.Supp. 3d 359 (M.D. Pa. 2015), appeal docketed, No. 15-3690, are being monitored closely…

Read more