Jaikumar Vijayan reports: The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday. The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that…
Category: Health Data
69 Vermont docs, health care providers targeted in tax scam
Sam Hemingway reports: At least 69 Vermont physicians and health care workers, many of them connected to Fletcher Allen Health Care in Burlington, were targets of a nationwide tax scam involving identity theft and the filing of fraudulent federal income tax returns in their names. “It’s mostly doctors, but it’s not restricted to them,” Paul…
150 doctors target of tax fraud in NH, Vt., Shaheen says
I’m pleased to see that the rash of stolen identity refund fraud (SIRF) affecting health care professionals, discussed here and here, is getting wider media attention. Brian Krebs reported it on the other day, and that always helps wake up the media. Now the Associated Press reports: New Hampshire Sen. Jeanne Shaheen has asked the…
Healthcare professionals in North Carolina victims of tax refund fraud
Last May, I reported on a breach affecting patients at Piedmont Healthcare and Presbyterian Anesthesia Associates in North Carolina whose website host, E-dreamz, had been hacked. At the time, I noted that not only patient data but some employee information was involved for Piedmont. Today, Kathryn Burcham of WSOC-TV reports that dozens of Piedmont Healthcare employees…
Another email gaffe leads to breach notifications, Tuesday edition
Today’s human error example comes from Willis North America, who reports that an employee accidentally attached a spreadsheet with employee information to an email reminding employees about earning wellness credits for the firm’s Medical Expense Benefits health plan. You can read more in their April 17th notification to the New Hampshire Attorney General’s Office. Update:…
QCA Health Plan settles HHS charges stemming from laptop theft breach in October 2011
QCA Health Plan, Inc., of Arkansas, has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules, agreeing to a $250,000 monetary settlement and to correct deficiencies in its HIPAA compliance program. On February 21, 2012, HHS received notification from QCA regarding a breach of…