A reminder of the insider threat: A former NHS employee has been found guilty and fined for illegally accessing the medical records of over 150 people. Loretta Alborghetti, from Redditch, worked as a medical secretary within the Ophthalmology department at Worcestershire Acute Hospitals NHS Trust when she illegally accessed the records. In June 2019, a…
Category: Insider
Cardiovascular Consultants (CVC Heart) allegedly hit by ransomware (1)
Cardiovascular Consultants LTD (CVC Heart) in Arizona may or may not have been the victim of a ransomware attack, but they have not responded to inquiries about that. So far, all we have are unsubstantiated claims by a ransomware group and an alleged data archive download that doesn’t download. On October 25, Cardiovascular Consultants LTD…
AU: ‘Curious’ pharmacist spied on patient records at The Alfred
Lachlan Abbott reports: About 7000 Alfred Health patients are victims of a privacy breach after a pharmacist working at Victoria’s leading trauma hospital accessed personal medical records without authorisation. Alfred Health wrote to every patient affected in a letter sent on Monday, seen by The Age, which said the pharmacist was dismissed after an investigation, launched…
Hogan Lovell Series: “Insider Threats”
Hogan Lovells is introducing a new multimedia series: Welcome to Hogan Lovells’ The Data Chronicles, brought to you by the firm’s global Privacy and Cybersecurity practice. This multimedia series is dedicated to the ever-changing legal and regulatory developments in the world of data, privacy, and cybersecurity. Insider threat remains one of the most challenging cybersecurity…
Breaking Trust: Hospital Worker Suspended For Invasion Of Patient’s Privacy
Cheryl King reports: In a shocking incident at the Government Ariyalur Medical College Hospital, a temporary housekeeping staff has been suspended for violating patient privacy. The accused, Manikandan of Kadur in Perambalur, allegedly took a photo of a male patient who was lying unconscious and naked in the operation theatre and shared it on WhatsApp….
HIPAA requires employers to sanction employees who violate HIPAA. Did you know that?
From HHS’s October cybersecurity newsletter: Last year, the Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) released a threat brief on the different types of social engineering1 that hackers use to gain access to healthcare information systems and data.2 The threat brief recommended several protective measures to combat social engineering, one of…