Emily Roberts reports: Personal details about women who have had a stillbirth appear to have mistakenly been published online by the trust which runs Basingstoke hospital. […] Three reviews were published in two different documents in June and July, providing details including the date and time of the stillbirth, the women’s age and BMI, the…
Category: Health Data
LifeLabs agrees to comply with privacy commissioners’ orders, but challenges release of investigation report
From the Office of the Information & Privacy Commissioner of British Columbia, this press release below. This is the second time in the past few months where we have seen an entity really fight an order to release a forensics report on a breach. In the U.S., we saw a court order Capital One in…
Coronavirus: Iran cover-up of deaths revealed by data leak
BBC reports: The number of deaths from coronavirus in Iran is nearly triple what Iran’s government claims, a BBC Persian service investigation has found. The government’s own records appear to show almost 42,000 people died with Covid-19 symptoms up to 20 July, versus 14,405 reported by its health ministry. The number of people known to…
AU: Aged care operator’s resident data stolen and dumped in ransomware attack
Speaking of ransomware attacks in Australia, Emma Koehn reports: ASX-listed aged care operator Regis has been hit by an international cyber attack that has led to the release of sensitive personal data, adding to the woes of the company which is battling a coronavirus outbreak at one of its Melbourne centres. The $400 million operator…
Some Cub Pharmacies in Minnesota report breaches due to looters
Cub Pharmacies is the fourth chain I’ve seen that is reporting some theft of protected health information related to looters during protests in May. But when you read the descriptions of these events — these not just protesters protesting. These people intentionally stole patient data and records. For what political protest purpose? None that I…
WV: Elkins Rehabilitation & Care Center notifies residents and employees of breach first discovered in February 2019
I know some people may think I’m being too harsh, but really — almost 1.5 years from detection to notifications to people of a breach? Their response in terms of preventing more incidents seems reasonable, but the gap to figure out that notification was needed and then whom to notify seems too long. What will…