The Gleaner reports a follow-up on an unsecured storage server exposing personal information and COVID-related information of travelers to Jamaica. The exposed bucket was first reported by Zack Whittaker of TechCrunch on February 17: The storage server, hosted on Amazon Web Services, was set to public. It’s not known for how long the data was…
Category: Health Data
IT: Guarantor for privacy: two hospitals and one AUSL sanctioned
Marco De Felice reports: The Guarantor for privacy has sanctioned two hospitals and an AUSL, they had communicated medical information to the wrong people. The three structures fined are the Sienese University Hospital , the University Hospital of Parma and the Romagna Local Health Authority . The two hospitals received a fine of €10,000, while for the Romagna AUsl the fine was €50,000. ……
SG: Undertaking by StarMed Specialist Centre Pte Ltd
The Personal Data Protection Commission of Singapore announced a new undertaking this week. The incident that led to the investigation was a ransomware attack on a medical entity, and findings included that the entity had left RDP open and had weak login credentials, among other concerns. The undertaking was to get them to harden their…
Patient data at risk as doctors communicate with Facebook, WhatsApp
Domanii Cameron reports: Doctors at public and private hospitals are having to consult about their patients via Facebook and messaging apps, prompting calls for a real-time messaging platform. Rural Doctors Association of Australia president John Hall told The Sunday-Mail he had witnessed the issue first-hand while claiming it was widespread practice. Read more on Herald Sun (AU.
Kroger reports Accellion data breach affecting pharmacy records, associate HR data
Updated March 9: This incident subsequently appeared on HHS’s public breach tool as having been reported to HHS on February 19 and impacting 368,100 patients. Brian Planalp reports: Kroger is informing some customers and associates that a third-party software company it uses for data services recently suffered a data breach. Kroger’s own IT systems were not…
CIS launches no-cost ransomware service for U.S. hospitals
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…