On November 9, DataBreaches.net published “Without Undue Delay” which catalogued health sector ransomware attacks where attackers had dumped patient data as part of an attempt to pressure their victims into paying ransom. That report was a companion to a post arguing that patients need to be notified sooner of ransomware dumps than HIPAA’s 60-day window…
Category: Health Data
Delaware Division of Public Health Announces Data Breach Incident Involving COVID-19 Results
DOVER (Nov. 15, 2020) – The Delaware Division of Public Health (DPH) is announcing today that it is mailing letters to individuals who were impacted by a recent data breach incident and is providing information to the public regarding the incident. On September 16, 2020, the Department of Health and Social Services (DHSS) discovered that…
400 patient records lost after cabinet at Hong Kong’s Queen Mary Hospital mistakenly removed by contractor
Zoe Low reports: A filing cabinet containing more than 400 patient records was suspected to have been mistakenly disposed of by a contractor at Hong Kong’s Queen Mary Hospital last Friday. The locked four-drawer steel cabinet was used to store the service records of 442 elderly patients who had received “integrated care and discharge support”…
COVID-19 Data-Sharing App Leaked Healthcare Worker Info
Elizabeth Montalbano reports: A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web and Android apps allowed for unauthorized users to access private data about…
Finland government to help victims of identity theft
The Finnish Government has decided on measures to help victims of identity theft and to improve personal identity protection. The Ministry of Social Affairs and Health will firstly ensure that the victims of the data breach at Psychotherapy Centre Vastaamo continue to receive the necessary psychosocial and other support. Support will continue to be provided…
OCR Settles Eleventh Investigation in HIPAA Right of Access Initiative
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announces its eleventh settlement of an enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative as an enforcement priority in 2019 to support individuals’ right to timely access to their health records at a reasonable…