Francesca Fionda reports: Up on the roof of the Vancouver Public Library, privacy researcher Sarah Jamie Lewis connects a small antenna to her laptop to listen in on what appears to be a major ongoing breach of sensitive health data of patients in the Vancouver area. For months, she says, personal information has been sent…
Category: Health Data
Alive Hospice’s breach notification required a second breach notification
It occasionally happens that a breach or incident response creates a second incident of its own. That seems to be the case with Alive Hospice, as this newest press release suggests, but does this require second notification to HHS/OCR? My first impression is that it would, but I’m interested to hear what HIPAA lawyers might…
Oh good grief, Saturday edition
Seen on Twitter: BREAKING: Dutch hospital that just got fined 460.000 euro by Dutch DPA for staff snooping in medical files, is in the news today again: staff used medical files as grocery list. Left them in shopping cart supermarket. Compliance is a cultural issue!https://t.co/LhVELzgL8J #GDPR — Jeroen Terstegge (@PrivaSense) September 7, 2019 A google…
Meridian Community College discloses a breach that was discovered in January
A breach notification by Meridian Community College demonstrates once again, why entities should make determined efforts not to leave emails in employee accounts that may have personally identifiable information in attachments or the emails themselves. In this case, the types of personal information included name, Social Security number, driver’s license number, passport number, date of…
UK: Gender identity clinic leaks almost 2,000 patients’ email addresses
Chris Fox reports: The Charing Cross Gender Identity Clinic sent patients an email about an art competition, with hundreds of others CC-ed in. The clinic later tried to recall the message but the error had already been noticed. The Tavistock and Portman NHS Foundation Trust, which is responsible for the clinic, is investigating. Read more…
Two men accused of harassing NJ police officers by posting hacked personal info online
Joshua Jongsma reports: Two New York men hacked the personal information of 50 North Jersey public employees, mostly police officers, and posted much of it online, authorities said. Evan Koulikov, 21, of Spring Valley, New York also made harassing phone calls to many of the victims, according to the Bergen County Prosecutor’s Office. Eric Williams,…