Gene Zaleski reports: The Regional Medical Center has offered identity theft coverage to about 200 patients after discovering a possible breach of its computer system. RMC President Tom Dandridge said the hospital’s auditor found an former employee’s password may have been used to access medical records. “We could not determine whether there had a been…
Category: Health Data
Connecticut Insurance Commissioner Announces Data Breach Notification Mandate
Joseph Lazzarotti of Jackson Lewis writes: On August 18, 2010, the Connecticut Insurance Commissioner issued Bulletin IC-25 which mandates that entities within its jurisdiction notify the Department of Insurance of any “information security incident.” This post provides a brief summary of this new requirement. […] What is an “information security incident”? Under this Bulletin, an…
De: Drugstore Schlecker customer information exposed on web
German drugstore chain Schlecker has suffered a major online data breach, with the names, addresses and profiles of about 150,000 customers being exposed on the internet, the company announced Friday. A spokesman for the firm confirmed media reports that the personal data of online customers had for an unspecified time found their way onto the…
FL: Tamarac woman says she stole ID to replace breast implants, furnish condo
Juan Ortega reports on a case of low-tech mail theft used for medical ID theft: A Tamarac woman told a judge she stole someone’s identity and spent nearly $20,000 in ill-gotten funds, largely because she needed to replace defective breast implants and furnish her condo. Shatarka Nuby, 29, offered that explanation to U.S. District Judge…
With No Harm Threshold, Nearly All Breaches Substantiated in CA
Dom Nicastro provides some interesting data from California, where there is no “harm threshold” in mandated reporting requirements for breaches involving medical records: Since California’s new law went into effect last year, the state has received 3,766 breach reports. …. California’s investigations team has completed reviews of 1,953. It found that 98.7% of those breaches…
Moffitt reviewing 492 patient records in privacy breach
Lindsay Peterson reports: Moffitt Cancer Center is contacting 492 of its patients after learning an employee falsified at least one patient’s signature on a consent form for a cancer research study. Moffitt discovered the falsification July 29, and immediately began looking into the records of 6,464 patients who are enrolled in the 4-year-old research study,…