Seen at Osborne Clark: Following a massive health data leak disclosed in the press concerning nearly 500,000 persons in February 2021, the French Authority for Data Protection (CNIL) has fined (fr) the company Dedalus Biologie 1.5 million euros mainly for failure to comply with its data security obligation. Dedalus Biologie is an application software editor…
Category: Health Data
New York dental insurer reports phishing incident, French hospital group hit in ransomware incident
Healthplex, Inc. in New York provides dental insurance plans. On November 24, 2021, an employee reportedly fell for a phishing attempt. As a result, the insurer notified 76,262 of their insured members whose personal information may have been impacted. They do not make clear whether their investigation confirmed access and exfiltration or just access, so…
NH: Center for Life Management breach impacted mental health clients
From their notice: The Mental Health Center of Greater Manchester (“MHCGM”) is providing notice of a recent data security event that occurred at a third-party community partner MHCGM had used for data storage, Center for Life Management (“CLM”), that may impact the privacy of certain information relating to MHCGM patients or those who were assessed…
Illinois Gastroenterology Group is providing notification of breach first discovered last October
From their notification: Illinois Gastroenterology Group, PLLC (“IGG”) is providing notice of a recent incident that may affect the security of certain individuals’ information. On October 22, 2021, IGG discovered unusual activity within its computer network. IGG immediately launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the…
Scott County, Iowa discloses data security incident
Seen on the county’s website, dated April 22, 2022: Notice of Data Privacy Event Scott County, Iowa (“Scott County”) is providing notice of a data privacy event. To date, we have no evidence of actual or attempted misuse of information as a result of this incident. In an abundance of caution, we are notifying potentially…
Kaiser Wins Trademark Injunction Against Patient Data Company
Isaiah Poritz reports: Kaiser Foundation Health Plan Inc. won a preliminary injunction in California federal court against medical records company SureFile Filing Systems for attempting to sell patient data using Kaiser’s trademarks. Kaiser is likely to succeed on the merits of its breach of contract and common law trademark counterclaims against SureFile, Judge Mark C. Scarsi…