Anya van Wagtendonk reports: Private medical records that may have included Social Security numbers of more than 4,000 patients at a Grand Haven hospital were improperly accessed by a hospital employee over more than three years. Between May 2016 and Oct. 2019, a hospital employee accessed the records of 4,013 patients at the North Ottawa…
Category: Health Data
Unsecured backup devices continue to be a hot mess
After a few years of headlines blaring mega-numbers of records exposed by misconfigured RSYNC backups, we might hope that we would be seeing fewer errors by now. But it seems that RSYNC errors continue at a high rate, exposing massive amounts of data. This month, part of what I did was look at RSYNC errors…
Minnesota Blue Cross scrambles to boost cyberdefenses
Joe Carlson reports: Blue Cross Blue Shield of Minnesota is working rapidly to shore up its cybersecurity defenses after an internal whistleblower raised alarm that the state’s largest health insurer had long neglected thousands of important updates. Internal documents show that Minnesota Blue Cross allowed 200,000 vulnerabilities classified as “critical” or “severe” to linger for…
Hackensack Meridian: We paid ransom to hackers to stop hospital cyber-attack
Michael L. Diamond reports: Hackensack Meridian Health paid an undisclosed amount in ransom to stop a cyber-attack that has disrupted the hospital owner’s computer network since it began last week, the company said Friday. The Edison-based company said it had insurance to help cover the costs associated with cyber-attacks, including payment, remediation and recovery efforts….
On the notification warpath, Friday edition
In 2006, I started advocating that there needs to be a law or regulation that requires businesses to have a method to receive notifications of security alerts. A number of people I respect offered explanations as to why that wasn’t a great idea. But 13 years later, I’m more convinced than ever that we need…
UK: 700,000 Hospital Letters Go Missing Since 2011
Spring Hill Insider reports: Thousands of patients may have suffered delays to treatment after it was revealed that the NHS failed to deliver more than half a million sensitive documents to GPs. Test results from biopsies and patient treatment plans were among the thousands of official records that went missing between 2011 and 2016. Read…