There’s an update to a breach that I previously noted in 2012, and it reinforces the importance of your business associate contracts and the importance of monitoring them if you’re a HIPAA-covered entity: Hartford Hospital and the EMC Corporation will pay $90,000 and have agreed to institute additional training and control measures to resolve an…
Category: Health Data
Huntington Medical Research Institutes discloses two HIPAA breaches in one-month period
HIPAA Journal reports: Nonprofit biomedical research company Huntington Medical Research Institutes (HMRI) has announced two HIPAA breaches in the space of a month: One involving the improper disposal of records, the other an alleged theft of patient data by a former employee. The insider breach reportedly impacted 4,300 patients. Read more on HIPAA Journal. The…
Ca: Simcoe nurse suspended by College of Nurses over privacy breach at Norfolk General Hospital
Monte Sonnenberg has a follow-up to a breach I commented on back in 2013: A Simcoe nurse fired from Norfolk General Hospital for inappropriately looking at medical records says she has been made “a scapegoat” for deficient management practices by her former employer. Nancy Oliveira said she did nothing that other nurses at NGH were not…
U.S. Senators calls for federal investigation after News 3 stories on Veterans Administration breach
Adam Schrager has more on how News 3’s investigative reporting has resulted in a response from U.S. Senators: Sen. Tammy Baldwin (D-Wis.) is calling for a federal investigation into how the U.S. Department of Veterans Affairs handles the personally identifiable information of America’s veterans. This comes after a News 3 investigation into an instance in April…
Genome researchers hit back at infosec bods’ ‘network vuln’ claims
Alexander J. Martin reports that there’s a response to a report of vulnerabilities previously noted on this site. The Global Alliance for Genomics & Health has downplayed vulnerabilities found in its genome-sharing network by two Stanford researchers. Carlos Bustamante and Suyash Shringarpure, postdoctoral scholars in genetics at Stanford, had raised concerns about The Beacon Project’s…
CEA Releases Guidelines on Privacy and Security of Personal Wellness Data
Meena Harris writes: Last week, the Consumer Electronics Association (“CEA”) announced its Guiding Principles on the Privacy and Security of Personal Wellness Data, a set of baseline, voluntary guidelines for private-sector organizations that handle the type of data often produced by wearable technologies. Read about the guidelines on Covington & Burling InsidePrivacy.