Category: Health Data

Dom Nicastro of Health Leaders Media has an item today about how KPMG, the company hired by OCR to implement the HITECH-mandated HIPAA compliance auditing plan, had its own data breach last year.  That breach was covered at the time on PHIprivacy.net, here.  Dom writes, in part: Asked if OCR considered the KPMG involvement on…

 A Department of Veterans Affairs worker has been sentenced to 11 years in federal prison for stealing personal information from disabled North Carolina veterans to generate bogus tax returns. Michael Ray Woods, 48, of Fayetteville, was convicted in February of 12 counts of preparing false tax returns, 10 counts of wire fraud, 10 counts of…

From the Information Commissioner’s Office: Bay House School in Hampshire breached the Data Protection Act after the personal details of nearly 20,000 individuals, including some 7,600 pupils, were put at risk during a hacking attack on its website. The hack – which happened in March and involved one of the school’s pupils – exposed pupils’…

Liz Kowalczyk reports: A doctor from Brigham and Women’s/Faulkner Hospital lost an external hard drive on June 21, and the device may have contained medical information for 638 patients. The Brigham has sent a letter to those patients describing the problem. Patients who have questions can call toll-free at 877-694-3367. Information related to inpatient hospital…

The World Privacy Forum has constructed an interactive map that highlights the location of all medical ID theft complaints collected from 2008- Feb. 12, 2009 by the Federal Trade Commission.

I’ve often disagreed with the Center for Democracy & Technology, but I laud them for pointing out the glaring holes in proposed federal data security and data breach notification laws that exclude health information.  Harley Geiger writes: One of the negative side-effects of the sectoral approach the United States has taken to privacy regulation is confusion over…