Jerry DeMarco reports: Horizon Blue Cross Blue Shield of New Jersey agreed to pay $1.1 million and improve data-security practices to settle charges that it failed to properly protect the privacy of nearly 690,000 state policyholders whose personal information was contained on two laptops stolen from the insurer’s Newark headquarters. The insurance giant — New…
Category: Of Note
State Data Breach Notification Laws: February 2017 Privacy Update
Cynthia J. Larose and Michael B. Katz of Mintz Levin write: During 2016, amendments to breach notification laws in five states went into effect (California, Nebraska, Oregon, Rhode Island and Tennessee). And by the end of last year, well over twenty states had introduced or were considering new regulations or amendments to their existing security breach…
$5.5 million HIPAA settlement shines light on the importance of audit controls
Memorial Healthcare Systems (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six hospitals, an…
Ph: Comelec faces probe for another possible data breach
Paterno Esmaquel II and Michael Bueza report: The Commission on Elections (Comelec) is facing an investigation for another possible data breach after one of its computers in the town of Wao, Lanao del Sur, was stolen. Comelec Chairman Andres Bautista confirmed to Rappler on Thursday, February 16, “Merong computer sa election office ng Wao, Lanao del…
Hacker Breached Dozens of Universities and Government Agencies, Report Says
Jeff John Roberts reports: A hacker has reportedly obtained access to the computer systems of prominent universities, including Cornell and New York University, and is attempting to sell that illegal access on the Internet, according to a research firm. In a report published on Wednesday, the firm Recorded Future published new details about the hacker’s activities. The…
Third-party incidents continue to put patient ePHI at risk: Protenus
Protenus, Inc. has released its Breach Barometer for January. As they report, 2017 is starting out where 2016 left off: we are seeing an average of one breach per day involving health data. Protenus’s report, based on 31 incidents, reported that there were 388,307 breached records for the 26 incidents for which they had numbers. The single largest…