JEFFERSON CITY, MO – On October 24, 2018, the Missouri Department of Health and Senior Services (“Department”) mailed over 10,400 letters to individuals informing them that the Department recently discovered a breach of security of their personal information. The breach occurred because, sometime before September 30, 2016, an information technology contractor for the State of…
Category: Government Sector
Follow-up: Mecklenburg Co. not fined for releasing personal information of health department patients
WSOC-TV reports: The United States Department of Health and Human Services Office of Civil Rights did not fine Mecklenburg County for inadvertently providing Channel 9 with the personal medical information of thousands of health department patients in 2017. Records show Mecklenburg County self-reported the potential HIPAA violation on May 4, 2017. In March 2017, in…
NZ: IRD privacy breach raises data handling concerns
Nine to Noon reports: Inland Revenue’s data protection protocols are being questioned after a woman received information about a stranger’s child support in a copy-and-paste error. The Wellington woman got a letter from Inland Revenue addressed to her that included the full name of a father who was paying child support, and his child. She…
TX: Statement and Frequently Asked Questions about the 2018 ERS OnLine Security Incident
From the Employees Retirement System of Texas, this breach information notice. Note that this was reported to HHS with ERS listed as a health plan, and the breach was reported as affecting 1,248,263 members, but also note that no medical or health information was reportedly involved. On August 17, 2018, the Employees Retirement System of…
GSA Took 800 Days to Notify Some Data Breach Victims
Joseph Marks reports: It took the General Services Administration more than 800 days to notify a handful of people that it had accidentally exposed their personal information, according to an audit released Friday. In another case, the agency took six months just to determine that a data breach related to background investigation information had occurred,…
Indiana National Guard reports ransomware attack to server
WISH-TV reports: The Indiana National Guard revealed Thursday that a state, nonmilitary server with identifying information of its personnel was the subject of a ransomware attack. The Guard said in a news release from Master Sgt. Jeff Lowry: “As a result of this action we are in the process of notifying personnel that may be affected,…