Health Data – Page 228 – DataBreaches.Net

NY: Nassau notifies 209 workers their confidential personal data may have been breached by employees

Posted on February 19, 2022 by Dissent

Scott Eidler reports: Nassau officials have notified more than 200 current and former employees in the Assessment Department their confidential personal data may have been breached after some co-workers last year gained unauthorized access to human resources information about department workers. In a letter Thursday to Nassau County Executive Bruce Blakeman and county legislators, Technology…

2021 Saw Sharp Increase in Ransomware Data Leaks and Ransom Demands

Posted on February 19, 2022 by Dissent

HIPAA Journal has a piece highlighting some findings from Crowdstrike’s 2021 report. It begins: CrowdStrike has released its annual threat report which shows there was a major increase in data leaks following ransomware attacks in 2021, rising 82% from 2020. CrowdStrike observed 2,686 ransomware attacks in 2021 compared to 1,474 in 2020. There were more…

QRS Data Breach Exposed Psych Care Consultants Patient Information – Class Action Allegations

Posted on February 18, 2022 by Dissent

DataBreaches.net does not report on most potential class action lawsuits because many of them will not survive motions to dismiss. This case, however, is a bit more interesting to me because it involves sensitive mental health data, ransomware, leaked data, and claims about inadequate monitoring of a business associate. The case is K.L. v. Psych…

HHS Cybersecurity Program: Electronic Medical Records in Healthcare

Posted on February 18, 2022 by Dissent

HHS has published a new cybersecurity threat brief, available for download on their site. The topics include: • What Is an EMR, and How Is It Used in Healthcare? • Top EHR Software Used in Hospitals • Benefits & Risks of Using EMR/HER • Why EMRs/EHRs Are Valuable to Cyber Attackers • How Are EMR/EHRs…

“DC Health Launches New Portal for Residents to Access COVID-19 Vaccination Records” and it’s not going well – two reports of being sent someone else’s vaccine record

Posted on February 18, 2022 by Dissent

Readers of PoPville report: “Just applied for the new DC digital SMART Health Card and was sent someone else’s vaccine record?! Hopefully you’re not sending my vaccine card to other random people??” and “Received notification from DCHealth about digital vaccine record. Went to the site and signed up using DOB; PIN; and first and last name. Received…

HIPAA: The Who: Plans, Providers, and Clearinghouses, and the First of the Rule of 3s.

Posted on February 18, 2022 by Dissent

With all the wildly erroneous claims made by people about what is covered by HIPAA, here’s a great explainer by attorney Jeff Drummond on exactly what kinds of entities ARE covered by HIPAA (Spoiler alert: yes, your local bar CAN ask you your vaccination status without violating HIPAA because they are not covered by HIPAA)….