nbsp; Barbara Kram reports: The U.S. Department of Health and Human Services (HHS) has published guidance regarding technologies and methodologies to secure health information and prevent harm by rendering health information unusable, unreadable, or indecipherable to unauthorized individuals. The American Recovery and Reinvestment Act required publication of the guidance by April 18. This builds on…
Category: Health Data
Bits ‘n Pieces
In the justice system: Atin Singh, charged with stealing customer data from Roti Bistro where he worked, pleaded no contest to five felonies. More. Joseph A. Radican was sentenced to 18 months probation after pleading guilty in the theft of three computers from the Roudebush Veterans Affairs Medical Center in 2008 (previous coverage here). The…
(Follow-up) UK: Human error blamed for data loss
A health trust did not take adequate steps to prevent the loss of a memory stick with data on 6,360 prisoners and ex-prisoners, a report has said. The USB stick was being used to back up clinical databases at HMP Preston when it was lost on 30 December. A report found that human error was…
FTC Publishes Proposed Breach Notification Rule for Electronic Health Information
From the FTC: The Federal Trade Commission today announced that it has approved a Federal Register notice seeking public comment on a proposed rule that would require entities to notify consumers when the security of their electronic health information is breached. The American Recovery and Reinvestment Act of 2009 (the Recovery Act) includes provisions to…
Northeast Rehabilitation Hospital patient data stolen
On April 8, Northeast Rehabilitation Hospital in Salem, New Hampshire notified (pdf) the New Hampshire Attorney General that paper and electronic records with personal and medical information on 8 patients was stolen from an employee’s vehicle on March 20. The hospital provides services to patients in homes and schools, and the laptop and document were…
Five Romanians arrested for hacking into U.S. pharmaceutical companies
Dan Kaplan of SC Magazine reports that five people have been arrested for illegally accessing computer systems belonging to unnamed U.S. pharmaceutical companies. The hackers allegedly installed keylogger software to steal card data on point-of-sales systems. Lucian Constantin reports that according to a DIICOT press release (in Romanian), the remote administration system used by the…