Insider breaches are global, and attempts to stop women from controlling their own bodies are also, sadly, global. Gilad Morag reports from Israel: The cyber division of State Attorney’s Office charged at the Tel Aviv District Court a medical secretary at a private Be’er Sheva clinic as well as two employees of the Hidabroot for…
Category: Health Data
“First do no harm” should be “First, secure your patient data, Doctor!”
When they discovered more than 42,000 patient records and millions of patient clinical notes exposed on a misconfigured rsync backup, researchers at UpGuard responsibly set out to notify the entity to secure their data. It turned out to be a Herculean task that would take almost two months and multiple entities to get the job…
UK: Kent and Medway NHS and Social Care Partnership apologizes for data breach
Natalie Tipping reports: A Kent NHS Trust has apologised to patients after their records were accessed inappropriately, leading to a police probe into the incident. Letters have been sent out to patients of the Kent and Medway NHS and Social Care Partnership Trust (KMPT) detailing that a member of staff has been dismissed from their…
SAMBA Federal Employee Benefit Association programming error resulted in mismailed information
From their press release: SAMBA Federal Employee Benefit Association (“SAMBA”) recently learned of an incident that may affect information related to eligible family members of subscribers (“family members”) covered by the SAMBA Federal Employees Health Benefits Plan in 2017. “We take this incident, and member privacy, very seriously,” Walter E. Wilson, SAMBA’s Executive Director stated….
Southeast Clinical Pathology Laboratories Notifies Patients of Stolen Laptop
From the notice on their web site: March 21, 2018 – Clinical Pathology Laboratories Southeast, Inc. (“CPLSE”) has become aware of a data security incident that may have involved the personal and protected health information of its patients and their payment guarantors. On September 20, 2017, a laptop issued to a CPLSE employee was stolen….
Prosecution drops five felony charges against Justin Shafer, accepts plea to one misdemeanor charge
In May 2016, the Dallas FBI raided dental integrator and independent researcher Justin Shafer because of allegations that he had accessed an FTP server without authorization. Shafer was subsequently raided twice more, and in March 2017, he was arrested and charged with stalking a federal employee – not hacking or any criminal conduct related to…