Lance Griffin has an update to another long-running data breach lawsuit: A federal judge has granted class action status to a civil lawsuit involving the theft of personal information at Flowers Hospital, believed to have occurred in 2013. The decision, if ultimately approved, means people who believe they have been adversely affected as a result…
Category: Insider
DA launches criminal probe into St. Charles breach
The St. Charles Health System may think they’ve met all their obligations in their handling of an insider snooping incident, but Deschutes County District Attorney John Hummel says the matter should have been reported to them for criminal investigation. Now that’s interesting to think about. If a covered entity is convinced that an employee snooped…
Children’s Hospital of Eastern Ontario employee breached privacy of nearly 300 patients
Shaamini Yogaretnam reports: A former part-time instructor at Algonquin College and CHEO employee shared the private information of 283 patients with students, prompting the end of their employment at the college and a privacy investigation at the hospital, the Citizen has learned. On March 10, Adam Vaughan received a concerning letter in the mail about…
Affiliated Santé Group learned that patient info was exposed on GitHub for years
So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
UK: Man prosecuted for taking files with job candidates’ personal info with him when he resigned to start rival company
Gregory Orum has been prosecuted at Highbury Corner Magistrates’ Court for an offence of unlawfully obtaining personal data. The defendant, who at the time worked at a recruitment agency based in Hertfordshire, emailed the personal data of approximately 500 candidates to his personal email address as he was leaving to start a new rival recruitment…
“Curious” employee snooped on thousands of St. Charles Health System patient records
And this, kids, is why you need to monitor employee access to patient records and audit over longer periods. Kyle Spurr reports: A caregiver at St. Charles Health System accessed nearly 2,500 patients’ electronic medical records without authorization from the hospital. The caregiver told the hospital she viewed the files out of curiosity. Her actions…