The following was originally posted to PHIprivacy.net. The carousel image for this post reflects 2011 statistics from DataLossDB and is used with permission. Note that healthcare sector breaches account for a smaller percentage of total breaches reported in 2011 compared to 2010 while business sector breaches account for a larger percentage of total breaches compared to…
Category: Health Data
Healthcare most breached industry in 2011? Not by my analyses.
To his credit, Dave Kennedy tried to analyze breaches based on Privacy Rights Clearinghouse data. PRC’s database begins with 2005 breaches and allows interested individuals to sort by year, breach type, and sector. After pulling out the numbers for 2010 and 2011 to compare to previous years, Kennedy reports that healthcare was/is the most breached…
Senator Franken considering legislation to encourage (but not require?) encryption for healthcare and OMR providers
Coverage by Diana Bartz of Reuter’s from today’s Senate subcommittee hearing on protecting health information privacy in a digital world: […] “We know from the statistics on breaches that have occurred since the notification provisions went into effect in 2009 that the healthcare industry appears to be rarely encrypting data,” according to written testimony by Deven…
Three months after tapes are reported missing, ValueOptions notifies National Elevator Industry subscribers (updated)
I just read a notification to the New Hampshire Attorney General’s Office that is both thorough in its description of the event and steps taken, but also needlessly increased the risk to those affected. In a letter dated October 28, ValueOptions, Inc. described how a container of tapes containing unencrypted data went missing after being…
SC: Confidential Patient Information Found on Hard Drive
Ouch. Jeff Brush reports: Officials at Behavioral Health Services of Pickens County are trying to figure out exactly how a computer hard drive with confidential patient information made it outside the facility. John Schafer, of Easley, a retired elevator repairman who fixes computers as a hobby, made a shocking discovery recently when he installed a…
(update) 'No identity theft in Tallaght data breach'
Niall Hunter reports: The Data Protection Commissioner has said no evidence has emerged of patient identity theft or the selling of patient data taking place as a result of a major medical data breach at Dublin’s Tallaght Hospital. During the summer, the Commissioner started investigating a major data protection breach arising in relation to the…